linux: set advmss correctly when route MTU is used (#245)

If different mtus are specified for different routes, we should set advmss on each route because Linux does a poor job of selecting the default (from ip-route(8)): advmss NUMBER (Linux 2.3.15+ only) the MSS ('Maximal Segment Size') to advertise to these destinations when estab‐ lishing TCP connections. If it is not given, Linux uses a default value calcu‐ lated from the first hop device MTU. (If the path to these destination is asym‐ metric, this guess may be wrong.) Note that the default value is calculated from the first hop *device MTU*, not the *route MTU*. In practice this is usually ok as long as the other side of the tunnel has the mtu configured exactly the same, but we should probably just set advmss correctly on these routes.
2020-06-26 13:47:21 -04:00
parent 55858c64cc
commit 1ea8847085
2 changed files with 47 additions and 0 deletions
--- a/tun_linux.go
+++ b/tun_linux.go
@ -216,6 +216,7 @@ func (c Tun) Activate() error {
 		LinkIndex: link.Attrs().Index,
 		Dst:       dr,
 		MTU:       c.DefaultMTU,
+		AdvMSS:    c.advMSS(route{}),
 		Scope:     unix.RT_SCOPE_LINK,
 		Src:       c.Cidr.IP,
 		Protocol:  unix.RTPROT_KERNEL,
@ -233,6 +234,7 @@ func (c Tun) Activate() error {
 			LinkIndex: link.Attrs().Index,
 			Dst:       r.route,
 			MTU:       r.mtu,
+			AdvMSS:    c.advMSS(r),
 			Scope:     unix.RT_SCOPE_LINK,
 		}

@ -248,6 +250,7 @@ func (c Tun) Activate() error {
 			LinkIndex: link.Attrs().Index,
 			Dst:       r.route,
 			MTU:       r.mtu,
+			AdvMSS:    c.advMSS(r),
 			Scope:     unix.RT_SCOPE_LINK,
 		}

@ -265,3 +268,16 @@ func (c Tun) Activate() error {

 	return nil
 }
+
+func (c Tun) advMSS(r route) int {
+	mtu := r.mtu
+	if r.mtu == 0 {
+		mtu = c.DefaultMTU
+	}
+
+	// We only need to set advmss if the route MTU does not match the device MTU
+	if mtu != c.MaxMTU {
+		return mtu - 40
+	}
+	return 0
+}