@@ -82,10 +82,15 @@ the local and the remote host.
ping-restart 60 # Argument: timeout
--link-mtu n
- Sets an upper bound on the size of UDP packets which are sent between
+ **DEPRECATED** Sets an upper bound on the size of UDP packets which are sent between
OpenVPN peers. *It's best not to set this parameter unless you know what
you're doing.*
+ Due to variable header size of IP header (20 bytes for IPv4 and 40 bytes
+ for IPv6) and dynamically negotiated data channel cipher, this option
+ is not reliable. It is recommended to set tun-mtu with enough headroom
+ instead.
+
--local host
Local host name or IP address for bind. If specified, OpenVPN will bind
to this address only. If unspecified, OpenVPN will bind to all
@@ -2111,9 +2111,7 @@ options_postprocess_verify_ce(const struct options *options,
*/
if (options->ce.tun_mtu_defined && options->ce.link_mtu_defined)
{
- msg(M_USAGE,
- "only one of --tun-mtu or --link-mtu may be defined (note that "
- "--ifconfig implies --link-mtu %d)", LINK_MTU_DEFAULT);
+ msg(M_USAGE, "only one of --tun-mtu or --link-mtu may be defined");
}
if (!proto_is_udp(ce->proto) && options->mtu_test)
This options might have been useful in the past but nowadays it has a very unclear semantics, so better remove/deprecate it. Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- doc/man-sections/link-options.rst | 7 ++++++- src/openvpn/options.c | 4 +--- 2 files changed, 7 insertions(+), 4 deletions(-)