openvpn - support customizing --fragment, and set default to 1400

author: elijah <elijah@riseup.net> 2014-11-10 20:43:24 -0800
committer: elijah <elijah@riseup.net> 2014-11-10 20:43:24 -0800
commit: b9d2030beb890e8dccbbe42bfcc430a2c2702a92 (patch)
tree: 6f45c3c6f7a51cb836015ba4767c9d25935a1e54 /puppet/modules
parent: d62f07ab408c6ff4d9d28a452c855ee6ed6cd758 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/puppet/modules/site_openvpn/manifests/server_config.pp b/puppet/modules/site_openvpn/manifests/server_config.pp
index 97cf2842..466f6d00 100644
--- a/puppet/modules/site_openvpn/manifests/server_config.pp
+++ b/puppet/modules/site_openvpn/manifests/server_config.pp
@@ -85,6 +85,18 @@ define site_openvpn::server_config(
         key     => 'tcp-nodelay',
         server  => $openvpn_configname;
     }
+  } elsif $proto == 'udp' {
+    if $config['fragment'] != 1500 {
+      openvpn::option {
+        "fragment ${openvpn_configname}":
+          key    => 'fragment',
+          value  => $config['fragment'],
+          server => $openvpn_configname;
+        "mssfix ${openvpn_configname}":
+          key    => 'mssfix',
+          server => $openvpn_configname;
+      }
+    }
   }
 
   openvpn::option {
author	elijah <elijah@riseup.net>	2014-11-10 20:43:24 -0800
committer	elijah <elijah@riseup.net>	2014-11-10 20:43:24 -0800
commit	b9d2030beb890e8dccbbe42bfcc430a2c2702a92 (patch)
tree	6f45c3c6f7a51cb836015ba4767c9d25935a1e54 /puppet/modules
parent	d62f07ab408c6ff4d9d28a452c855ee6ed6cd758 (diff)