Wondering if anyone else is seeing the same problem as I am and/or can help....
I'm trying to connect to CloudConnexa using Open VPN Connect v3.3.4 (9290) on Android 13, connecting via a Network that connects to the internet over a PPPoE connection.
End-to-end link MTU is 1492 and the tunnel therefore should be set up with an MTU of 1420 (69 byte tunnel overhead).
However, OpenVPN Connect sets a tunnel MTU of 1500 and any packets over 1420 bytes fail to send properly, unless I manually force the Android device interface MTU to 1420 (the device is rooted):
Code: Select all
$ ping -c5 -s 1392 172.30.252.1
PING 172.30.252.1 (172.30.252.1) 1392(1420) bytes of data.
1400 bytes from 172.30.252.1: icmp_seq=1 ttl=62 time=35.6 ms
1400 bytes from 172.30.252.1: icmp_seq=2 ttl=62 time=36.8 ms
1400 bytes from 172.30.252.1: icmp_seq=3 ttl=62 time=297 ms
1400 bytes from 172.30.252.1: icmp_seq=4 ttl=62 time=125 ms
1400 bytes from 172.30.252.1: icmp_seq=5 ttl=62 time=204 ms
--- 172.30.252.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4008ms
rtt min/avg/max/mdev = 35.662/139.895/297.612/100.697 ms
$ ping -c5 -s 1396 172.30.252.1
PING 172.30.252.1 (172.30.252.1) 1396(1424) bytes of data.
--- 172.30.252.1 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4163ms
$ sudo ifconfig tun0 mtu 1420 up
$ ping -c5 -s 1396 172.30.252.1
PING 172.30.252.1 (172.30.252.1) 1396(1424) bytes of data.
1404 bytes from 172.30.252.1: icmp_seq=1 ttl=62 time=173 ms
1404 bytes from 172.30.252.1: icmp_seq=2 ttl=62 time=195 ms
1404 bytes from 172.30.252.1: icmp_seq=3 ttl=62 time=221 ms
1404 bytes from 172.30.252.1: icmp_seq=4 ttl=62 time=39.7 ms
1404 bytes from 172.30.252.1: icmp_seq=5 ttl=62 time=35.6 ms
--- 172.30.252.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4007ms
rtt min/avg/max/mdev = 35.671/133.126/221.344/79.362 ms
In theory I'd expect the tunnel MTU to be set according to link MTU, but that simply isn't working. On connection startup, the OpenVPN Connect log reports:
Code: Select all
Tunnel Options:V4,dev-type tun,link-mtu 1569,tun-mtu 1500,proto UDPv4,keydir 1,cipher AES-256-CBC,auth SHA256,keysize 256,tls-auth,key-method 2,tls-client
Any ideas as to how to fix this?