[strongSwan] Tunnel over [slow] GPRS link

Alexander Hill alex at hill.net.au
Tue May 2 07:48:45 CEST 2017

I changed my configuration on the mobile initiator side only.

You're right about the MSS only affecting TCP - but my understanding is
that it affects the size of packets before encapsulation in UDP, so your
final, encapsulated UDP packets also end up smaller.


On Tue, 2 May 2017 at 13:40 Rene Maurer <renemaur at gmail.com> wrote:

> Hello Alex
> Alexander Hill <alex at hill.net.au> wrote:
> > It sounds like an issue with that provider's network configuration
> > rather than with the bandwidth or latency.
> This is my opinion as well.
> > Try lowering MTU/MSS with either the
> > charon.plugins.kernel-netlink.mss/mtu settings or via iptables.
> I have tried to lower MTU. Without success so far.
> I may try MSS as well, but as far as I know MSS is only relevant for
> TCP not UDP (which is used by IKE).
> BTW, should MSS/MTU be lowered at both sides of the tunnel or is it
> enough when this is done at the Mobile Modem side?
> >
> https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling#MTUMSS-issues
> Thanks for the link.
> Kind regrads
> René
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170502/85551cc3/attachment.html>

More information about the Users mailing list