The TCP connection MSS is set to 1460 bytes and also Don't fragment flag is set. The server selects this MSS as a frame size on its side and packet is dropped, probably. If you are using linux router try to use this command "iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu" or be careful to set MTU on all client machines adapters correctly.

Hi,

I have wireguard interface "veth", and my real interface "eth0".

No bug with openvpn, but with wireguard on IPv4 for https, I have bug, see the attached file, the returned data is 3300byte, then Destination unreachable (Fragmentation needed).

Bug into wireguard? How fix this?

The ok.pcapng it's same https download do with openvpn.

Cheers,

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard