]> git.ipfire.org Git - people/ms/strongswan.git/commit
projects / people / ms / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb19699) | patch
kernel-pfroute: Set lower MTU on TUN devices
authorTobias Brunner <tobias@strongswan.org>
Fri, 5 Nov 2021 07:46:48 +0000 (08:46 +0100)
committerTobias Brunner <tobias@strongswan.org>
Tue, 9 Nov 2021 08:43:01 +0000 (09:43 +0100)
commitf4bfdec21f3400d8de3872cad3b8f00c3499471b
tree6d2eaa44a5f3fa44f487079adeb8e5fd6cdc92b9tree | snapshot
parenteb19699a7ad18235e2c6fe9de1700afe554e6ddecommit | diff
kernel-pfroute: Set lower MTU on TUN devices

The default MTU of 1500 is too high if kernel-libipsec is used (considering
the overhead of UDP-encapsulated ESP), but might also have an effect if
a TUN device is only used to install a virtual IP (the route points to it,
so the system might use its MTU and 1500 would still be too high).

This also works around an issue on macOS 12 where no RTM_IFINFO event
is sent for the newly created TUN device (neither for the creation,
setting it "up", nor adding the address).  Changing the MTU, however,
triggers such an event and we can detect the virtual IP.

Closes strongswan/strongswan#707
conf/plugins/kernel-pfroute.opt diff | blob | blame | history
src/libcharon/plugins/kernel_pfroute/kernel_pfroute_net.c diff | blob | blame | history
Michael's strongswan development tree