Project

General

Profile

Bug #765

mtu of TUN is not set correctly on OS X

Added by Lian Duan about 7 years ago. Updated 22 days ago.

Status:
Closed
Priority:
Normal
Category:
osx
Start date:
11.11.2014
Due date:
Estimated time:
Affected version:
5.2.1
Resolution:
Fixed

Description

OS X client is using kernel-libipsec and tun device, but the TUN created by OS X client has a MTU of 1500, which is causing problems as websites like apple.com/speedtest.net has some problem with PMTU.

According to

src/libcharon/plugins/kernel_libipsec/kernel_libipsec_plugin.c

#define TUN_DEFAULT_MTU 1400

The default MTU should be 1400, but ifconfig clearly says

utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
    inet 10.22.0.1 --> 10.22.0.1 netmask 0xff000000 

I suppose this is a bug in tun device implementation.

Associated revisions

Revision f4bfdec2 (diff)
Added by Tobias Brunner 22 days ago

kernel-pfroute: Set lower MTU on TUN devices

The default MTU of 1500 is too high if kernel-libipsec is used (considering
the overhead of UDP-encapsulated ESP), but might also have an effect if
a TUN device is only used to install a virtual IP (the route points to it,
so the system might use its MTU and 1500 would still be too high).

This also works around an issue on macOS 12 where no RTM_IFINFO event
is sent for the newly created TUN device (neither for the creation,
setting it "up", nor adding the address). Changing the MTU, however,
triggers such an event and we can detect the virtual IP.

Closes strongswan/strongswan#707

History

#2 Updated by Tobias Brunner over 3 years ago

  • Category set to osx

#3 Updated by Tobias Brunner 22 days ago

  • Status changed from New to Closed
  • Assignee set to Tobias Brunner
  • Resolution set to Fixed

This will be fixed in the next release (5.9.5) as setting an MTU on the TUN device had the fortunate side-effect of fixing an issue on macOS 12.

Also available in: Atom PDF