Our application is a VPN app based on PackTunnelProvider.
In order to handle traffic based on domain name or accelerate it through a tunnel, we intercept almost all traffic.
The problem arises with the traffic that is being sourced back. We found that when the VPN is enabled and uploading files, the TCP data being sourced back through our VPN code is noticeably slower.
After capturing packets and analyzing them with Wireshark, we found that our TCP packets are being split, resulting in one larger packet and one smaller packet (as shown in the image below). However, when we checked our code's logs for the data being written to the TCP, we did not find any of these smaller packets.
Android also uses the same code, but Android does not have similar situations as shown in the figure below.
The code logic is that the data received from the VPN is parsed by lwip and then sent out through TCP.
I would like to ask why this situation occurs on iOS and if there is any way to avoid or optimize it.