Menu
▾
▴
Re: [Openvpn-users] Link mtu warnings
|
From: Alex K <rig...@gm...> - 2017-09-18 16:53:53
|
Hi Jan, Yes, I use ncp-disable on client side so as to be able to have per client cipher negotiation. How can one have ncp-disable and avoid link MTU issues? Thanx, Alex On Mon, Sep 18, 2017 at 7:43 PM, Jan Just Keijser <ja...@ni...> wrote: > Hi Alex, > > On 15/09/17 18:54, Alex K wrote: > > Hi all, > > I am receiving the below warning on server and client side when setting up > the tunnel: > > server: > Fri Sep 15 16:45:14 2017 172.30.0.180:44304 WARNING: 'link-mtu' is used > inconsistently, local='link-mtu 1562', remote='link-mtu 1530' > > client: > Fri Sep 15 16:45:14 2017 us=87436 WARNING: 'link-mtu' is used > inconsistently, local='link-mtu 1530', remote='link-mtu 1562' > > and further down on client side: > Fri Sep 15 16:45:15 2017 us=282768 OPTIONS IMPORT: adjusting link_mtu to > 1629 > > > I have on server side: > tun-mtu 1500 > fragment 1360 > mssfix > > > and on client side exactly the same: > tun-mtu 1500 > fragment 1360 > mssfix > > The tun interfaces on both sides show as 1500 with ifconfig. > > Why is this case? I cannot recall seeing such warning on openvpn 2.2.1-8. > I can provide more details if needed. > > > the link-mtu size also depends on the cipher and auth used ; are you using > NCP at all (i.e. do you explicitly specify 'disable-ncp' ?) A log file of > a failing client with 'verb 4' set would help. > > HTH, > > JJK > > |
