Tinc performance on a Dir-300
ZioPRoTo (Saverio Proto)
zioproto at gmail.com
Tue Sep 21 13:51:26 CEST 2010
> Our tinc device tap0 has an MTU of 1500 but it is in a bridge (br-mesh) wich
> has an MTU of 1476. Maybe you can have a look at this?
OK, maybe you have a problem with packet fragmentation and you waste a
lot of CPU.
Try to put the MTU of your tap device to a lower value.
Make this test MTU 1280 and add the following rule to your iptables firewall:
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS
--clamp-mss-to-pmtu
this will cause new TCP connections to use segments that fit your interface MTU.
Note that 1280 is not the optimal value, you can fine tune later if
you see you get more speed.
Saverio
More information about the tinc
mailing list