Menu
What's new
By:
Filters Better Search

Wireguard MTU?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

hifiwifi

hifiwifi

Regular Contributor
I'm using a Wireguard config from my VPN provider. I notice doing ping tests that it sets the MTU at 1420 for the WG connection.

Is there any advantage to setting the MTU on the modem and/or the router WAN to 1392?

RT-AX86U
 
In your environment? We don't know.

Test, note, and come back and let us know too.
 
It should be a part of the WireGuard configuration but has yet to be present in the latest GUI.
Screenshot_4.png
 
Also, I can't find the parameter "Listen Port" for Client configuration.

Can I see the config file through SSH and configure it manually?
 
I have the issue related exactly with wireguard MTU. Under default client config an opening of the remote "server" router GUI "hangs" by fragmentation reason. When use windows client directly on local PC and I set MTU = 1360 the issue resoves. But I do not see the way to specify this parameter for router. I tried to force this line into the config file then import it into router, but this does not work. May be router's wireguard version is old?
 
dolphin.grayson42 said:
Also, I can't find the parameter "Listen Port" for Client configuration.

Can I see the config file through SSH and configure it manually?
Click to expand...

You don't use listen port in a client config. Just in a server config. In a client config, you specify a port in the endpoint directive.
 
egc said:
It is perfectly legitimate to specify a listen port on the client config, you do not have to and in that case a random port will be chosen.
Click to expand...
True enough. I guess what I was getting at is since a listen port is generally not required to be specifically stated in client setup, the Asus GUI has no option for it. Then again, they don't have an option to set the MTU, so what do I know.....
 
Other third party firmwares have options to set the listen port and MTU.
I have seen problems with MTU (slow, non loading websites with UDP etc.) so having the ability to set MTU is something which is very useful.
Having the option to set a listen port can be useful I have seen providers which expect the same listen port on the Client as on the Server (of course that is a bad implementation) further more if you have multiple tunnels running you have to make sure they all have a different listen port.
 
Sorry to add to this but I am a wee bit confused about the MTU setting for the "Wireguard Server" vs the Peer.
The Peer Configs are exported and I have added MTU=1420 (as a trial) to the [Interface] section of the (presumably) Peer conf file.

I see folks talking about this MTU number needing to be the same (or less) than the Server.
Is the Wireguard 'Server' MTU setting just the MTU 1492 one in the WAN page of the Asus menu?

ta

k.
 

Attachments

  • Interface 1420.jpg
    Interface 1420.jpg
    15.2 KB · Views: 140
jksmurf said:
Is the Wireguard 'Server' MTU setting just the MTU 1492 one in the WAN page of the Asus menu?
Click to expand...
No, it should normally be set to 80 less, so if your wan is 1492 then Wireguard MTU should be set to 1412. But Im not sure how well the firmware handles this. My wan is 1500 and wg server is 1420.
Since the firmware is not supporting custom mtu you will need to ssh into the router to find out what it is set to, or to change it.
 
ZebMcKayhan said:
No, it should normally be set to 80 less, so if your wan is 1492 then Wireguard MTU should be set to 1412. But Im not sure how well the firmware handles this. My wan is 1500 and wg server is 1420.
Since the firmware is not supporting custom mtu you will need to ssh into the router to find out what it is set to, or to change it.
Click to expand...
Thanks for that. As above I just added the MTU= line in to the peer .Conf file, is this the item you are referring to as being ignored by the FW? Importing the Conf into WG in iOS shows up the MTU line which you can amend on the fly.
 
ZebMcKayhan said:
No, it should normally be set to 80 less, so if your wan is 1492 then Wireguard MTU should be set to 1412. But Im not sure how well the firmware handles this. My wan is 1500 and wg server is 1420.
Since the firmware is not supporting custom mtu you will need to ssh into the router to find out what it is set to, or to change it.
Click to expand...
I did not know this, I have been using wireguard for a while. When, or how, did you discover this necessity?
 
ZebMcKayhan said:
No, it should normally be set to 80 less, so if your wan is 1492 then Wireguard MTU should be set to 1412. But Im not sure how well the firmware handles this. My wan is 1500 and wg server is 1420.
Since the firmware is not supporting custom mtu you will need to ssh into the router to find out what it is set to, or to change it.
Click to expand...
could you elaborate which file needs to be amended please, where in the file and any syntax ?

tia

k
 
SomeWhereOverTheRainBow said:
I did not know this, I have been using wireguard for a while. When, or how, did you discover this necessity?
Click to expand...
We have had this discussion in the wgm threads. I initially searched for a "safe" value and set mine to 1412, @Martineau figured this to be 1500 - 80 (for wg) - 8 (for ppp). These figures are all over the internet, wg ipv4 header is 60 bytes, wg ipv6 header is 80 bytes.
https://lists.zx2c4.com/pipermail/wireguard/2017-December/002201.html

So if you are ipv4 only you could boost your mtu to 1440 (or 1432 for ppp) but it will hardly make much difference. Rather a tad to low then too high.
 
Last edited:
You must log in or register to reply here.

Similar threads

B
WireGuard VPN to TorGuard MTU size to use with T-Mobile Home Internet (TMHI)
Replies
0
Views
1K
BlueiPhone
B
T
[GNUTON] RT-AX82U v1 Issue with Wireguard
Replies
2
Views
524
Tech9
Tech9
mattmcspirit
Wireguard - Default wgc1 conf file location?
Replies
9
Views
4K
Aiadi
A
M
How to change MTU of Wireguard Client
Replies
1
Views
3K
ColinTaylor
C
E
Wireguard can't access devices behind asus router
Replies
5
Views
249
ZebMcKayhan
Z
Similar threads
Thread starter Title Forum Replies Date
B WireGuard VPN to TorGuard MTU size to use with T-Mobile Home Internet (TMHI) Asuswrt-Merlin 0
M WireGuard starts failing, anyone else with 3004.388.8_2? Asuswrt-Merlin 4
vlord Wireguard max number of clients Asuswrt-Merlin 1
M Wireguard client doesn't work Asuswrt-Merlin 6
E Wireguard can't access devices behind asus router Asuswrt-Merlin 5
T Wireguard Client VPN not using DNS Asuswrt-Merlin 14
S Wireguard VPN doesn't work, buyer beware Asuswrt-Merlin 6
I Wireguard VPN client does not autostart after reboot Asuswrt-Merlin 2
octopus Wireguard question Asuswrt-Merlin 6
U Entware How to update wireguard? Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 597 (members: 32, guests: 565)
Top