Commit 2c91da26 authored by David Johnson's avatar David Johnson

Add the (hopefully best) MTU fixes.

These should be the best way to tell TCP sessions to reduce their window
to the tunnel's effective MTU, and to fragment real-MTU-sized UDP
packets.  This way, we don't need to mess with changing MTU on any of
the tunneled hosts; and hopefully we can still avoid most of the
fragmentation (since most or all of the cross-cluster flows are TCP).
parent 3245747c
......@@ -137,6 +137,8 @@ client-config-dir /etc/openvpn/ccd
keepalive 10 120
$CONFIG_COMPRESS
$CONFIG_CRYPT
fragment 1468
mssfix 1468
persist-key
persist-tun
status openvpn-status.log
......@@ -256,6 +258,8 @@ key $node.key
ns-cert-type server
$CONFIG_COMPRESS
$CONFIG_CRYPT
fragment 1468
mssfix 1468
verb 3
route-up "/etc/openvpn/$node-route-up.sh"
route-pre-down "/etc/openvpn/$node-route-pre-down.sh"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment