Hi, On Tue, Mar 09, 2021 at 07:55:11PM +0100, David Sommerseth wrote: > What I suspect Gert meant was that you can add it in the client config > on the clients - and each client config may have different --mssfix values.
Actually I thought you could have it in ccd/ files (et al) on the
server. Seems I was wrong there.
There is no technical reason why one couldn't have different MSS settings
for different clients - but it comes at an implementation cost (copy
settings to the per-client context setting, etc.), which is quite likely
why it was never done.
I *do* think it is pushable (might be wrong again...) *and* since it does
not matter whether --mssfix is operating on the client or server (it will
manipulate both incoming and outgoing TCP SYN and SYN ACKs, so it is
fully symmetric) - if you want lower limits for particular clients, it
could be pushed.
Or if I'm wrong again, put into the client config.
(--mssfix does not need to be identical on client and server, or even set
on both ends. The lower value "wins")
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
