On Mon, 2013-09-30 at 11:29 +0200, Nikos Mavrogiannopoulos wrote: > > Ok, that makes sense. It seems that openconnect uses the last MTU > suggested and in that case it is the CSTP (TCP) MTU for the tun device. > The DTLS MTU is ignored. I'll make ocserv to return a single MTU value > for both CSTP and DTLS to avoid such issues. I'd be wary of following openconnect's lead on MTU handling. We haven't quite worked out what the Cisco "plan" is, or why there's even separate MTU reported for CSTP and DTLS when you use a *single* tun interface for them both, and switch between them as and when your UDP connectivity works or not. Perhaps openconnect should be using the smaller of the two MTUs.... or something. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130930/aecc5047/attachment-0001.bin>
