Time for a 6.00 release?
Kevin Cernekee
cernekee at gmail.com
Tue Jun 24 08:04:16 PDT 2014
On Tue, Jun 24, 2014 at 2:53 AM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
>> Hm, joy. So that's a third way of negotiating the MTU, and this time
>> possibly even after the interface has been set up?
>
> That's a quite reasonable approach as one's idea of the MTU during
> negotiation may not be precise. I don't think it's an issue to change
> the MTU of the tun device at any point (at least if you know the name
> of the tun device and SIOCSIFMTU is available).
That does require CAP_NET_ADMIN; Android will have a problem with
this. The app only has the ability to perform a one-time interface
setup through a special API[1]; it doesn't run with root access.
I have an outstanding problem report from a user who sees an MTU of
1406 on OpenConnect but 1405 on AnyConnect. When his phone is
connected to wifi, 1405 is the highest value that works; but 1406
works on 3G. Not really sure how to probe for this value if the
device can freely switch to a different interface/network with a
different path MTU. Maybe in this case it was just luck.
There have been a couple of other cases where AnyConnect negotiates a
completely different MTU from OpenConnect but it wasn't catastrophic.
[1] http://developer.android.com/reference/android/net/VpnService.Builder.html
More information about the openconnect-devel
mailing list