mssfix max [mtu]
+ mssfix max [fixed]
+
mssfix
Announce to TCP sessions running over the tunnel that they should limit
their send packet sizes such that after OpenVPN has encapsulated them,
the resulting UDP packet size that OpenVPN sends to its peer will not
- exceed ``max`` bytes. The default value is :code:`1450`. Use :code:`0`
+ exceed ``max`` bytes. The default value is :code:`1492 mtu`. Use :code:`0`
as max to disable mssfix.
If the :code:`mtu` parameter is specified the ``max`` value is interpreted
transmitted over IPv4 on a link with MTU 1478 or higher without IP level
fragmentation (and 1498 for IPv6).
+ If the :code:`fixed` parameter is specified, OpenVPN will make no attempt
+ to calculate the VPN encapsulation overhead but instead will set the MSS to
+ limit the size of the payload IP packets to the specified number. IPv4 packets
+ will have the MSS value lowered to mssfix - 40 and IPv6 packets to mssfix - 60.
+
if ``--mssfix`` is specified is specified without any parameter it
inherits the parameters of ``--fragment`` if specified or uses the
default for ``--mssfix`` otherwise.
const struct options *options,
struct link_socket_info *lsi)
{
+ if (options->ce.mssfix_fixed)
+ {
+ /* we subtract IPv4 and TCP overhead here, mssfix method will add the
+ * extra 20 for IPv6 */
+ frame->mss_fix = options->ce.mssfix - (20 + 20);
+ return;
+ }
+
unsigned int overhead, payload_overhead;
overhead = frame_calculate_protocol_header_size(kt, options, false);
#endif
SHOW_INT(mssfix);
SHOW_BOOL(mssfix_encap);
+ SHOW_BOOL(mssfix_fixed);
SHOW_INT(explicit_exit_notification);
}
else
#endif
- if (ce->tun_mtu_defined && o->ce.tun_mtu == TUN_MTU_DEFAULT)
+ if (ce->tun_mtu_defined)
{
- /* We want to only set mssfix default value if we use a default
- * MTU Size, otherwise the different size of tun should either
- * already solve the problem or mssfix might artifically make the
- * payload packets smaller without mssfix 0 */
- ce->mssfix = MSSFIX_DEFAULT;
- ce->mssfix_encap = true;
- }
- else
- {
- msg(D_MTU_INFO, "Note: not enabling mssfix for non-default value "
- "of --tun-mtu");
+ if (o->ce.tun_mtu == TUN_MTU_DEFAULT)
+ {
+ /* We want to only set mssfix default value if we use a default
+ * MTU Size, otherwise the different size of tun should either
+ * already solve the problem or mssfix might artifically make the
+ * payload packets smaller without mssfix 0 */
+ ce->mssfix = MSSFIX_DEFAULT;
+ ce->mssfix_encap = true;
+ }
+ else
+ {
+ /* We still apply the mssfix value but only adjust it to the
+ * size of the tun interface. */
+ ce->mssfix = ce->tun_mtu;
+ ce->mssfix_fixed = true;
+ }
}
}
if (p[1])
{
/* value specified, assume encapsulation is not
- * included unles "mtu" follows later */
+ * included unless "mtu" follows later */
options->ce.mssfix = positive_atoi(p[1]);
options->ce.mssfix_encap = false;
options->ce.mssfix_default = false;
/* Set MTU to default values */
options->ce.mssfix_default = true;
options->ce.mssfix_encap = true;
+ options->ce.mssfix_fixed = false;
}
if (p[2] && streq(p[2], "mtu"))
{
options->ce.mssfix_encap = true;
}
+ else if (p[2] && streq(p[2], "fixed"))
+ {
+ options->ce.mssfix_fixed = true;
+ }
else if (p[2])
{
msg(msglevel, "Unknown parameter to --mssfix: %s", p[2]);
projects / thirdparty / openvpn.git / commitdiff
