Device: RUTX11
Firmware: Latest (RUTX_R_00.02.01.1_single.bin)
Factory reset: Done
Hello,
the RUTX11 Web GUI for OpenVPN client connections has a toggle-switch for "LZO".
Disabled: option comp_lzo 'no' is written to /etc/config/openvpn
Enabled: option comp_lzo 'yes' is written to /etc/config/openvpn
This is technically wrong, because the comp-lzo directive has four states:
- on
- off
- adaptive (it is decided per packet/stream/whatever, if comp-lzo is used or not)
- not set (= not present in config at all)
The difference between 2.) ("no") and 4.) ("not present in config at all") is (AFAIK), that if OpenVPN detects option "comp-lzo" (regardless of the actual setting), one byte is automatically reserved for LZO protocol information. This leads to wrong MAC address information (at least in TAP mode) on the server, because the header is shifted by one byte on the client, but not on the server.
On RUT950, LZO had also a checkbox, but different behavior:
- Checked: comp-lzo yes ("1.)")
- Unchecked: no comp-lzo directive in config at all ("4.)")
Workaround via SSH:
uci delete openvpn.xxxxx.comp_lzo
uci commit
Where xxxx is the name of the connection.
It would be nice if we could get a dropdown-list for all available states of comp-lzo or could get removed the toggle switch at all and tell users to put their favorite comp-lzo behavior in "extra" options.
Kind regards,
Tobi
