We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2014-12-29 14:36:58 +0200

[regression] default MTU too small for OpenConnect VPN

User case: Jolla as USB Ethernet device (Internet Sharing) for RHEL7 laptop and using NetworkManager/OpenConnect for VPN connection.

Vaarainjärvi (1.1.1.27) dropped the default MTU to 1280 for cellular data (See https://together.jolla.com/question/71741/release-notes-software-version-11127-vaarainjarvi/ and https://together.jolla.com/question/52762/why-doesnt-jolla-work-with-saunalahtis-internet4-apn/?answer=53232#post-id-53232).

Cisco's AnyConnect requires 96 bytes for its packet headers. And this combined with Jolla's MTU 1280 means that OpenConnect should be using MTU 1184 but in RHEL7's OpenConnect software is considering that too small. In other words if I manually configure NetworkManager/OpenConnect to use MTU 1184 for new VPN connection OpenConnect is refusing to use it and replacing that with MTU 1200 which is too large for Jolla's cellular data connection.

Because the auto discovery for correct MTU is not working correctly with Vaarainjärvi, I manually tried to set the MTUs via NetworkManager and ifconfig/ip commands.

SSH connections and HTTP/HTTPS connections through the VPN tunnel are hanging on RHEL7 host due this change. It could be argued to the both ways that the issue is with Jolla or OpenConnect software, or both. Maybe Jolla should be more intelligent on the default MTU for cellular data, or there could be a new configuration option in the Mobile network's Internet settings in the Settings application.

[regression] default MTU too small for OpenConnect VPN

User case: Jolla as USB Ethernet device (Internet Sharing) for RHEL7 laptop and using NetworkManager/OpenConnect for VPN connection.

Vaarainjärvi (1.1.1.27) dropped the default MTU to 1280 for cellular data (See https://together.jolla.com/question/71741/release-notes-software-version-11127-vaarainjarvi/ and https://together.jolla.com/question/52762/why-doesnt-jolla-work-with-saunalahtis-internet4-apn/?answer=53232#post-id-53232).

Cisco's AnyConnect requires 96 bytes for its packet headers. And this combined with Jolla's MTU 1280 means that OpenConnect should be using MTU 1184 but in RHEL7's OpenConnect software is considering that too small. In other words if I manually configure NetworkManager/OpenConnect to use MTU 1184 for new VPN connection OpenConnect is refusing to use it and replacing that with MTU 1200 which is too large for Jolla's cellular data connection.

Because the auto discovery for correct MTU is not working correctly with Vaarainjärvi, I manually tried to set the MTUs via NetworkManager and ifconfig/ip commands.

SSH connections and HTTP/HTTPS connections through the VPN tunnel are hanging on RHEL7 host due this change. It could be argued to the both ways that the issue is with Jolla or OpenConnect software, or both. Maybe Jolla should be more intelligent on the default MTU for cellular data, or there could be a new MTU configuration option in the Mobile network's Internet settings in the Settings application.

[regression] default MTU too small for OpenConnect VPN

User case: Jolla as USB Ethernet device (Internet Sharing) for RHEL7 laptop and using NetworkManager/OpenConnect for VPN connection.

Vaarainjärvi (1.1.1.27) dropped the default MTU to 1280 for cellular data (See https://together.jolla.com/question/71741/release-notes-software-version-11127-vaarainjarvi/ and https://together.jolla.com/question/52762/why-doesnt-jolla-work-with-saunalahtis-internet4-apn/?answer=53232#post-id-53232).

Cisco's AnyConnect requires 96 bytes for its packet headers. And this combined with Jolla's MTU 1280 means that OpenConnect should be using MTU 1184 but in RHEL7's RHEL7 OpenConnect software is considering that too small. In other words if I manually configure NetworkManager/OpenConnect to use MTU 1184 for new VPN connection OpenConnect is refusing to use it and replacing that with MTU 1200 which is too large for Jolla's cellular data connection.

Because the auto discovery for correct MTU is not working correctly with Vaarainjärvi, I manually tried to set the MTUs via NetworkManager and ifconfig/ip commands.

SSH connections and HTTP/HTTPS connections through the VPN tunnel are hanging on RHEL7 host due this change. It could be argued to the both ways that the issue is with Jolla or OpenConnect software, or both. Maybe Jolla should be more intelligent on the default MTU for cellular data, or there could be a new MTU configuration option in the Mobile network's Internet settings in the Settings application.