Hello,
First: I don't have any problem with OpenVPN and MTU, this is out of curiosity.
This is a simplified network map:
185.250.56.2 ---- OpenVPN --- A.B.C.D (PPPoE) OpenVPN -- 193.72.186.160
(BGP router for 193.72.186.0/24)
Look: (reliant is somewhere else on the internet, X.Y.88.46)
schaefer@reliant:~$ ping -s 1472 -M do 193.72.186.160
PING 193.72.186.160 (193.72.186.160) 1472(1500) bytes of data.
1480 bytes from 193.72.186.160: icmp_seq=1 ttl=53 time=29.4 ms
(1472 = 1500 - (IP header (20) + ICMP header (8))
and look: (X.Y. have been masked, because not my network, 193.72.186.0/24 is
mine)
12:57:25.004227 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP
(1), length 1500)
X.Y.88.46 > 193.72.186.160: ICMP echo request, id 57988, seq 4, length
1480
12:57:25.031827 IP (tos 0x0, ttl 53, id 6565, offset 0, flags [none], proto
ICMP (1), length 1500)
193.72.186.160 > X.Y.88.46: ICMP echo reply, id 57988, seq 4, length 1480
So, how does OpenVPN (mode tun over UDP) achieve 1500 MTU, especially since in
my case it can be transported over a PPPoE link with a lower MTU? (ppp0:
flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1492)
Is it because the router at A.B.C.D fragments the OpenVPN UDP datagrams (I see
fragments) and the path to 185.250.56.2 and back has no issues with
fragments?
Or is it OpenVPN itself which fragments its UDP datagrams used for transport
because in any case, the headers OpenVPN adds to the datagram are bigger than
the 1500 usual MTU?
In that case, for performance, should I tell OpenVPN to MSS clamp TCP at 1492
or even less?
Thank you.
PS: in the past, there was a bug on 185.250.56.2 (the BGP router above) which
would be connected to the Internet via an Ethernet link with a MTU < 1500:
and
I had a lower usable MTU (which was logical).
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
