* Wireguard and MTU
@ 2017-05-31 9:31 Ibrahim Tachijian
2017-05-31 10:59 ` Jason A. Donenfeld
0 siblings, 1 reply; 3+ messages in thread
From: Ibrahim Tachijian @ 2017-05-31 9:31 UTC (permalink / raw)
To: WireGuard mailing list
[-- Attachment #1: Type: text/plain, Size: 1123 bytes --]
I understand that by default wireguard chooses an MTU of 1420.
The way that I have setup wireguard now is that I have a router (running
LEDE/openwrt) connecting to wireguard running on an arch server.
I then set the default gw to go through wireguard and properly do iptables
nat masquerading so that the only ip inside the tunnel is the ones in
allowed_ips.
Basically all my traffic from the router (lede/openwrt) now flows over
wireguard and then to the internet.
- Router -> wireguard -> Internet
- working good because the MTU is properly set to 1420.
- Wifi Client -> Router -> wireguard -> internet
- Not working properly because of MTU is set at 1500 at wifi/wired
dhcp clients.
How do we propose that we advertise the correct MTU that the NAT clients of
the router should use? Is there any other way to solve this issue?
Thanks,
--
*Ibrahim Tachijian*
CEO Net Sat AB
Mobile: +46723321377
barhom@netsat.se
_________________________
*Net Sat ABC/O Jayway AB*Klara Östra Kyrkogata 2B, 1TR, 111 52 Stockholm,
Sweden
Office: +46 (0)8 408 394 53
[-- Attachment #2: Type: text/html, Size: 2227 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Wireguard and MTU
2017-05-31 9:31 Wireguard and MTU Ibrahim Tachijian
@ 2017-05-31 10:59 ` Jason A. Donenfeld
2017-05-31 11:08 ` Ibrahim Tachijian
0 siblings, 1 reply; 3+ messages in thread
From: Jason A. Donenfeld @ 2017-05-31 10:59 UTC (permalink / raw)
To: Ibrahim Tachijian; +Cc: WireGuard mailing list
Set the mtu_fix boolean to 1 in your firewall config.
https://wiki.openwrt.org/doc/uci/firewall
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Wireguard and MTU
2017-05-31 10:59 ` Jason A. Donenfeld
@ 2017-05-31 11:08 ` Ibrahim Tachijian
0 siblings, 0 replies; 3+ messages in thread
From: Ibrahim Tachijian @ 2017-05-31 11:08 UTC (permalink / raw)
To: Jason A. Donenfeld; +Cc: WireGuard mailing list
[-- Attachment #1: Type: text/plain, Size: 591 bytes --]
The option mtu_fix was already inside my 'WAN' zone, so I went ahead and
added it to my 'LAN' zone instead and lo' and behold everything started
working.
Thanks again,
On Wed, May 31, 2017 at 12:59 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> Set the mtu_fix boolean to 1 in your firewall config.
> https://wiki.openwrt.org/doc/uci/firewall
>
--
*Ibrahim Tachijian*
CEO Net Sat AB
Mobile: +46723321377
barhom@netsat.se
_________________________
*Net Sat ABC/O Jayway AB*Klara Östra Kyrkogata 2B, 1TR, 111 52 Stockholm,
Sweden
Office: +46 (0)8 408 394 53
[-- Attachment #2: Type: text/html, Size: 1875 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-05-31 10:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-31 9:31 Wireguard and MTU Ibrahim Tachijian
2017-05-31 10:59 ` Jason A. Donenfeld
2017-05-31 11:08 ` Ibrahim Tachijian
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.