MTU problem on UDP

Kevin kevinchou.c at gmail.com
Sun Mar 23 21:45:54 EDT 2014


Hi List

Days ago I posted "Can't reach some route in Anyconnect"
 http://lists.infradead.org/pipermail/openconnect-devel/2014-March/001759.html

and now I have finally found out why.

In my iptables I have a rule to enable UDP like this:

-A INPUT -p udp -m udp --dport 443 -j ACCEPT

After I removed this rule from iptables, my problem was solved.

It seems the TCP backup didn't have the MTU problem.

But I already added

iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

and even tried 

custom-header = "X-DTLS-MTU: 1200"
custom-header = "X-CSTP-MTU: 1200"

set mtu = 1200 in the config file. Nothing helped.

So I guess this is an MTU bug on UDP?

--  
Kevin