Time for a 6.00 release?
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Jun 24 09:26:34 PDT 2014
On Tue, Jun 24, 2014 at 5:04 PM, Kevin Cernekee <cernekee at gmail.com> wrote:
> <nmav at gnutls.org> wrote:
>>> Hm, joy. So that's a third way of negotiating the MTU, and this time
>>> possibly even after the interface has been set up?
>>
>> That's a quite reasonable approach as one's idea of the MTU during
>> negotiation may not be precise. I don't think it's an issue to change
>> the MTU of the tun device at any point (at least if you know the name
>> of the tun device and SIOCSIFMTU is available).
> That does require CAP_NET_ADMIN; Android will have a problem with
> this. The app only has the ability to perform a one-time interface
> setup through a special API[1]; it doesn't run with root access.
Could the MTU discovery phase take place prior to establishing the
TUN? I.e., send the special DPD and expect a reply within a second or
two. If the reply is received create the device, if not resend a
smaller packet. That would add few seconds of latency in the creation
of the tun device and the channel, but the user wouldn't need to
search for the mtu manually.
regards,
Nikos
More information about the openconnect-devel
mailing list