packet fragmentation when sharing IKEv2 connection

Posted: Mon Apr 16, 2018 12:55 am
by kainotes
I am sharing internet / IKEv2 VPN from my mac mini downstream to a wireless router. When I don't have the VPN on everything is hunky dory. When I do almost nothing works, including Google sites. This seems to be a result of header size / packet fragmentation. If I clamp MSS to the highest value (1460) all of Google's sites will work, but so much of the internet just doesn't. Selecting lazy interfaces seems to fix it sometimes, but only for a bit. Murus is key to my network architecture and cannot really be replaced. Any tips for fixing this? Any possibility of paid support?