reversevpn 9 Posted ... Why is the MTU on files generated from AirVPN's config generator just 1320 instead of the normal 1420 for Wireguard? Not saying that this is a bad thing, but just curious. Quote Share this post Link to post
Staff 10433 Posted ... 12 hours ago, reversevpn said: Why is the MTU on files generated from AirVPN's config generator just 1320 instead of the normal 1420 for Wireguard? Not saying that this is a bad thing, but just curious. Hello! It's a compromise to avoid fragmentation on most networks, except PPPoE ones, where smaller 1280 bytes MTU is required. https://blog.silvio.cloud/2_WireGuard_and_MTU_MSS Quote WireGuard's encapsulation adds overhead to packets. If the resulting packet size exceeds the MTU of any link (including the tunnel itself), fragmentation occurs. This can cause: Reduced performance: Fragmentation and reassembly add processing overhead. Increased packet loss: Fragmented packets are more likely to be lost. You may test different MTU to find the optimal value for your network (the one that can provide you with the best performance). Kind regards Quote Share this post Link to post
reversevpn 9 Posted ... But if I select a bigger MTU than what you have server-side, won't the effective MTU of the applications running in the tunnel still be constrained to the server MTU? Quote Share this post Link to post
Staff 10433 Posted ... 6 hours ago, reversevpn said: But if I select a bigger MTU than what you have server-side, won't the effective MTU of the applications running in the tunnel still be constrained to the server MTU? Hello! Yes. Server side it is 1420 bytes, so this is your upper limit too. Thus you can test up to 1420 bytes to find the MTU that can provide you with the best performance. Kind regards Quote Share this post Link to post
Tommie 8 Posted ... Related to this, when selecting Wireguard in Eddie, is the MSS set to 1320 by default? If not is it recommended to add it to OVPN directives? Quote Share this post Link to post
Staff 10433 Posted ... 10 hours ago, Tommie said: Related to this, when selecting Wireguard in Eddie, is the MSS set to 1320 by default? If not is it recommended to add it to OVPN directives? Hello! No need for MSS clamping when using WireGuard, just modify the MTU if necessary. Since MSS clamping 1. becomes necessary only when you can't modify MTU, 2. needs packet mangling (WireGuard does not expose any option for it) and 3. requires anyway a server side modification, just operate through MTU. In OpenVPN (only when working over UDP), where networking management is a bit different, you can seriously consider the mssfix directive if you have any "fragmentation" problem that causes packet loss and poor performance. mssfix announces to TCP sessions running over the tunnel that they should limit their send packet sizes such that after OpenVPN has encapsulated them, the resulting UDP packet size that OpenVPN sends to its peer will not exceed max bytes. See also OpenVPN manual: https://openvpn.net/community-docs/community-articles/openvpn-2-6-manual.html In Eddie you can add custom directives for OpenVPN in "Preferences" > "OVPN Directives" window. Kind regards Quote Share this post Link to post
Not connected, Your IP: 216.73.216.49
Online: 38859 users - 502633 Mbit/s total BW