ocserv: website and mtu problems

Yin Guanhao yinguanhao at gmail.com
Thu Sep 26 00:49:00 EDT 2013

I have tried ocserv and it worked quite well.

However there are some problems I'd like to report:

1. The manual on the website uses the ‘−’ character instead of ‘-’. If
configuration is copied from there, it will not work and the error
message (like “config option tcp-port is mandatory”) is not really helpful.

2. MTU of the tun device seems to be 9 bytes larger than it should be.

I was not able to browse some https sites, and tcpdump said there are
truncated ip packets. After manually setting the MTU 9 bytes smaller,
everything worked.

The path MTU is 1500. And I have enabled try-mtu-discovery.

Anyway, thanks for this work.

Yin Guanhao

More information about the openconnect-devel mailing list