Thanks Gert, interesting ways indeed !
On 09/03/2021 15:48, Gert Doering wrote:
Hi,
On Tue, Mar 09, 2021 at 03:33:56PM +0000, tincanteksup wrote:
what is the final effect of using `--mssfix 0` in a client
config ?
What I mean is, how would openvpn interpret this and what would
it tell the TCP stack ?
I don't need to know about MSS, I just want to know what openvpn
would do with a setting of 0.
I would expect things to break in most interesting ways.
From what I can see, the code does not enforce a minimum value, but
isn't directly *using* that value either. It will be modified by
this macro
mss_fixup_ipv6(&ipbuf, MTU_TO_MSS(TUN_MTU_SIZE_DYNAMIC(&c->c2.frame)));
to figure out the final MSS value to put into the TCP SYN/SYN ACK
packets. Since "0" is the expected *outer* maximum, the net result
is likely something negative, which will end up as a large positive
number in the 16 bit MSS field.
Run tcpdump/wireshark and find out :-)
Also, would openvpn behave differently on *nix vs Windows with
this setting.
No. The code in question is not OS dependent (forward.c, mss.c, no
#ifdef _WIN32 anywhere close to "mss").
gert
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
