Todo #16658
closed
Automatically configure the OpenVPN tunnel MTU when set in the assigned interface configuration
100%
Description
The OpenVPN server and client can optionally have an assigned interface. This is useful for setting the tunnel MTU and MSS. Though this can all currently be done it requires additional manual steps to work as expected.
- Saving the assigned interface configuration results in the IP addresses being removed and hence the OpenVPN service needs to be manually restarted.
- Setting the MTU on the assigned interface also requires that tun-mtu <size> be set in the OpenVPN custom configuration.
- There's no indication to the user that using a non-default MTU with OpenVPN DCO also requires setting the MSS. This is needed because OpenVPN only does MSS clamping when DCO is disabled.
Make the following changes:
- Automatically restart applicable OpenVPN services when applying interface changes.
- Automatically set tun-mtu as needed. Also add upgrade code to check OpenVPN custom configuration so that tun-mtu isn't set twice.
- When editing an OpenVPN assigned interface, add a note to the MTU field about the potential need for MSS.
Updated by Marcos M 22 days ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset fb490d5ff0f9eb5a42a8b20e6f2d9e4001252d57.
Updated by Georgiy Tyutyunnik 10 days ago
- Status changed from Feedback to Resolved
tested on
25.11.1-RELEASE (amd64)
built on Mon Jan 19 17:25:00 UTC 2026
FreeBSD 16.0-CURRENT
patch works as expected:
- auto-restart on interface config change works;
- tun-mtu present in openvpn config;
- warning present in GUI;
Updated by