PMTUDiscovery vs ClampMSS
Guus Sliepen
guus at tinc-vpn.org
Mon Dec 13 09:33:36 CET 2010
On Sun, Dec 12, 2010 at 07:11:30PM -0600, Rob Townley wrote:
> Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes.
> When the server does not receive a PMTU request back from one of the
> clients even when the packet size is very small (say 164), then it
> reverts to TCP.
That means that communication with the client via UDP is not possible.
> Should i turn off PMTUDiscovery or should it be ok to leave on?
You should leave it on. The PMTUDiscovery packets are just regular UDP packets,
if they fail other UDP packets will not be received either. If you would
disable PMTUDiscovery, tinc would not fall back to TCP and no communication
with the client would be possible.
> It takes a very long time to do simple pings (1 second or so), so i
> wonder what else i can do?
Can you check whether non-VPN traffic from the client to the server is slow as
well, or maybe if there is a high level of packet loss?
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20101213/c0b65db8/attachment.pgp>
More information about the tinc
mailing list