Project

General

Profile

Issue #1496

kernel-netlink.mtu/mss not being set

Added by Jeonghoon Lee over 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
configuration
Affected version:
5.1.2
Resolution:
No feedback

Description

After IKEv2 establishment, packet transmission failure observed because the MTU and MSS are bigger than network configuration.
I'm trying to set new MTU/MSS with strongswan.conf, but the MTU/MSS are not changed and maintained by default size.
No matter what I set the MTU/MSS in strongswan.conf, it does not work.
Any help on this is much appreciated.

Here is my strongswan.conf

# strongswan.conf - strongSwan configuration file
charon {
    # number of worker threads in charon
    threads = 16
    plugins {    
        sql {        
            # loglevel to log into sql database
            loglevel = -1
        }

        kernel-netlink {
            mss = 1140;
            mtu = 1280;
        }
        updown {
            dns_handler = yes
        }
        android_log {
            loglevel = -1
        }
    }  
}

History

#1 Updated by Tobias Brunner over 6 years ago

  • Description updated (diff)
  • Status changed from New to Feedback

Yes, these options might not work (not sure if it depends on where the traffic originates and/or the kernel version). Set the MSS via iptables, see ForwardingAndSplitTunneling.

#2 Updated by Noel Kuntze over 5 years ago

  • Status changed from Feedback to Closed
  • Resolution set to No feedback

Also available in: Atom PDF