summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMicah Anderson <micah@leap.se>2014-11-13 15:11:51 -0500
committerMicah Anderson <micah@leap.se>2014-11-13 15:11:51 -0500
commit8abcc784b0fe1daad22dfd1ca8ecd068723e965d (patch)
tree7cde33a828e6eaace0d30ae5e866d597a0f4ba31
parent54849ae1d7407b2a6fd2f7d801e80e1632c20c70 (diff)
parente18853b16969cb164613003edfab9a5b5800e099 (diff)
Merge remote-tracking branch 'elijah/bugfix/mtu' into develop
-rw-r--r--provider_base/files/service-definitions/v1/eip-service.json.erb4
-rw-r--r--provider_base/services/openvpn.json3
-rw-r--r--puppet/modules/site_openvpn/manifests/server_config.pp12
3 files changed, 18 insertions, 1 deletions
diff --git a/provider_base/files/service-definitions/v1/eip-service.json.erb b/provider_base/files/service-definitions/v1/eip-service.json.erb
index 3b8976fd..0ecd002a 100644
--- a/provider_base/files/service-definitions/v1/eip-service.json.erb
+++ b/provider_base/files/service-definitions/v1/eip-service.json.erb
@@ -42,6 +42,10 @@
end
configuration = node.openvpn.configuration
end
+ configuration = configuration.dup
+ if configuration['fragment'] && configuration['fragment'] == 1500
+ configuration.delete('fragment')
+ end
hsh["gateways"] = gateways.compact
hsh["locations"] = locations
hsh["openvpn_configuration"] = configuration
diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index 1906244c..11cb0dc2 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -24,7 +24,8 @@
"auth": "SHA1",
"cipher": "AES-128-CBC",
"keepalive": "10 30",
- "tun-ipv6": true
+ "tun-ipv6": true,
+ "fragment": 1500
}
},
"obfsproxy": {
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 97cf2842..466f6d00 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -85,6 +85,18 @@ define site_openvpn::server_config(
key => 'tcp-nodelay',
server => $openvpn_configname;
}
+ } elsif $proto == 'udp' {
+ if $config['fragment'] != 1500 {
+ openvpn::option {
+ "fragment ${openvpn_configname}":
+ key => 'fragment',
+ value => $config['fragment'],
+ server => $openvpn_configname;
+ "mssfix ${openvpn_configname}":
+ key => 'mssfix',
+ server => $openvpn_configname;
+ }
+ }
}
openvpn::option {