discussions icon indicating copy to clipboard operation
discussions copied to clipboard

Published 20 hours ago verified publisher icon StreisandEffect

Openconnect VPN fingerprint (MTU)

Open trochdewei opened this issue 7 years ago • 2 comments

Expected behavior:

It's desirable to hide that i use VPN

Actual Behavior:

Site http://witch.valdikss.org.ru/a reports that "MTU = 1269 <...> MTU is strange. Probably OpenVPN."

Steps to Reproduce:

  1. Default Openconnect setup using Streisand(existing server, ubuntu 16.04.4, ocserv 0.10.11-1build1) How can i change MTU value? Setting mtu = 1334 doesn't work as i can see ip link show vpn0 5: vpn0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1268 qdisc fq_codel state UP mode DEFAULT group default qlen 500 link/none

trochdewei avatar Apr 30 '18 17:04 trochdewei

to be clear, this is how ISPs can find out if I'm using VPN?

hadifarnoud avatar May 18 '18 11:05 hadifarnoud

It might be useful to lots of people to force a low but consistent MTU on a whole server. @alimakki may have some ideas on how to manage MTU weirdness on ocserv.

nopdotcom avatar May 27 '18 20:05 nopdotcom