VPN client connects Linux server access slow phenomenon resolution

My Vyatta operation has been very good, with Ros and Cisco do tunnel connected to Vyatta run OSPF used to turn the wall, the effect has been good. When you use Windows to connect to a VPN, however, you often open the page timeout, but the ping is normal everywhere, so you suspect an MTU or MSS problem.

After several twists and turns, when the Web page timed out, a large number of exceptions occurred in the Vyatta log:

21:02:39 Xirang kernel: [4838172.516489] Pptp2:ppp:compressor dropped PKT

Then I learned that this problem occurs because the Windows VPN client's MPPE (Microsoft Point-to-Point encryption) encryption takes up to 4 bytes in length, The original message plus the MPPE header overhead would exceed the Linux server-side PPTP interface MTU, which would eventually cause the message to be too large to be discarded.

So the essence of the problem is to increase the Linux server-side PPTP interface MTU.

There are three ways to solve the problem:

Edit PPTPD source code, increase MTU;

Use scripting to increase the MTU after the PPTP interface is connected to the up;
Do not use MPPE encryption;

The first, although fundamentally solves the problem, but because the level problem gives up; the third because of the cancellation of transmission encryption, psychological feel unsafe, also gave up;

A second solution was found online, as follows:

/etc/ppp/ip-up.d/mppefixmtu.sh

#!/bin/sh
current_mtu= "' IP link Show $ | Grep-po ' (<=MTU) ([0-9]+) ' "
fixed_mtu= "' Expr $CURRENT _mtu + 4 '"
IP link set $FIXED MTU _MTU

Make sure the script has executable permissions
chmod 755/etc/ppp/ip-up.d/mppefixmtu.sh
This allows the MTU plus 4 to be compatible with Windows MPPE.