Page 1 of 1
Encapsulation Header
Posted: Thu Jul 09, 2020 4:59 am
by MagikMark
Hi Philip!
D you happen to know the header size for:
Http Proxy
Stealth Proxy
Anonymous Proxy
Doing some experiment using AnyConnect Coupled with Proxy
Thanks
Posted: Thu Jul 09, 2020 8:37 am
by Philip
Not sure, but as far as packet sizes and payloads, they shouldn't be any different than standard VPN packets.
Proxies/HTTP operate at the application layer of the TCP/IP networking model, while TCP/IP packet headers are in the transport/networking layers. Same TCP/IP packets with their 40-byte headers (plus VPN tunneling overhead, if applicable) should carry proxy traffic the same as any other HTTP traffic.
Posted: Sat Jul 11, 2020 1:40 am
by MagikMark
Do you happen to have any experience on the impact of:
"netsh interface ipv4 set subinterface"
on the Tap Adapter? This would effectively change the MTU of the adapter
Care to share?
Thanks again
Posted: Sun Jul 12, 2020 2:23 pm
by Philip
You can always try and test, not sure exactly for your situation. After it is changed, you can do a ping -f test to see if packets get fragmented or not.
If it does change the MTU, it will have significant performance impact. It must be small enough to allow for any tunnel headers in addition to the standard 40-byte TCP/IP headers, typical VPN packets being around 1400 bytes. If you make them too small then the header overhead becomes too significant, if they are too big to fit the payload they have to be split, which adds processing delays, etc.