What's the "best" MTU for NEPacketTunnelProvider

I've implemented a custom VPN using NEPacketTunnelProvider. But I found that if MTU is set to 1500, most sites on internet cannot access via VPN. If I change MTU to 1000, all sites seems to work except for some video share site (e.g. videomega.tv )

Here's my code:

    NEPacketTunnelNetworkSettings *settings = [[NEPacketTunnelNetworkSettings alloc] initWithTunnelRemoteAddress:vpnServerIP];
    settings.IPv4Settings = [[NEIPv4Settings alloc] initWithAddresses:addresses subnetMasks:subnetMasks];
    NEIPv4Route *defaultRoute = [NEIPv4Route defaultRoute];
    NEIPv4Route *localRoute = [[NEIPv4Route alloc] initWithDestinationAddress:localGW subnetMask:gwNetMask];
    settings.IPv4Settings.includedRoutes = @[defaultRoute, localRoute];
    settings.IPv4Settings.excludedRoutes = someIPs;
    settings.DNSSettings = [[NEDNSSettings alloc] initWithServers:dnsServers];
    //what exactly number should I set here?
    settings.MTU = [NSNumber numberWithInt:1000];

    [self setTunnelNetworkSettings:settings completionHandler:^(NSError * _Nullable error)

My question is:

What's the "best" MTU number should I use in NEPacketTunnelProvider, to access all internet sites?

Up vote post of CloudRuan Down vote post of CloudRuan
514 views
Posted by
CloudRuan
Reply
Add a Comment

Replies

Is there a reason you’re setting 

MTU
directly, rather than using 
tunnelOverheadBytes
to set a relative value. That seems like the best choice in general.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment