Eh-up Chuck!
On 09/03/2021 19:03, Gert Doering wrote:
Hi,
On Tue, Mar 09, 2021 at 07:55:11PM +0100, David Sommerseth wrote:
What I suspect Gert meant was that you can add it in the client config
on the clients - and each client config may have different --mssfix values.
Actually I thought you could have it in ccd/ files (et al) on the
server. Seems I was wrong there.
There is no technical reason why one couldn't have different MSS settings
for different clients - but it comes at an implementation cost (copy
settings to the per-client context setting, etc.), which is quite likely
why it was never done.
I *do* think it is pushable (might be wrong again...) *and* since it does
not matter whether --mssfix is operating on the client or server (it will
manipulate both incoming and outgoing TCP SYN and SYN ACKs, so it is
fully symmetric) - if you want lower limits for particular clients, it
could be pushed.
Or if I'm wrong again, put into the client config.
(--mssfix does not need to be identical on client and server, or even set
on both ends. The lower value "wins")
Moments after sending I thought to myself:
I bet Gert means it can simply be set in the client config ;-)
Even so, the term "per-client basis", in the context of openvpn,
is probably more widely understood to mean "a CCD configurable
option".
Generally, I use the term "non-symmetric" for things which can
be configured on only one side.
FTR:
push "mssfix 1280" is also rejected by the client:
2021-03-09 19:33:20 us=365176 Options error: option 'mssfix' cannot be
used in this context ([PUSH-OPTIONS])
R
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
