ocserv: website and mtu problems
Yin Guanhao
yinguanhao at gmail.com
Mon Sep 30 05:21:00 EDT 2013
On 2013年09月30日 16:50, Nikos Mavrogiannopoulos wrote:
> Thanks. That could be the issue. Could you try this patch?
> I'm not sure about the 9 bytes larger though. Could it be 8 bytes
> instead? I cannot think what this extra byte is for.
With this patch the MTU on the client side is 1 byte larger (1215 v.s.
1214).
Log of ocserv:
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 peer CSTP MTU is 1280
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 TCP MSS is 1427
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 DTLS ciphersuite: AES128-SHA
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 suggesting DTLS MTU 1214
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 suggesting CSTP MTU 1215
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 plaintext MTU is 1280
ocserv[23446]: [xxx.xxx.xxx.xxx]:54873 setting vpns0 MTU to 1280
ocserv[23446]: [main] DTLS record version: 1.0
ocserv[23446]: [main] DTLS hello version: 1.0
ocserv[23446]: [xxx.xxx.xxx.xxx]:54873 passed UDP socket
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 TCP MSS is 1427
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 received UDP fd and connected to peer
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 setting up DTLS connection
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 setting MTU to 1215
ocserv[23446]: [xxx.xxx.xxx.xxx]:54873 setting vpns0 MTU to 1214
ocserv[23450]: [xxx.xxx.xxx.xxx]:54873 DTLS handshake completed (MTU: 1215)
Regards,
Yin Guanhao
More information about the openconnect-devel
mailing list