Allowing space for packet headers in Wintun Tx/Rx

David Woodhouse dwmw2 at
Mon Apr 12 13:00:21 UTC 2021

On 12 April 2021 12:38:30 BST, Simon Rozman <simon at> wrote:
>> > We'll also need to be able to WintunAllocateSendPacket() of the
>> > possible MTU, then receive and decrypt into that, and send only the
>> > actual size of the packet we received.
>How about this:
>Should be backward compatible. Tested with the existing stable
>wireguard-windows release 0.3.10.

Looks good; thanks. However...

>> 2) Some VPN protocols concatenate multiple packets into a single
>> aggregate on the wire. On Linux we can decrypt, truncate, and send to
>> the tunnel interface without further copying.
>> Case (1) can be handled with overallocate-and-shrink. Case (2) is
>> rare among the protocols that OpenConnect supports, so fallback to
>> memcpy seems fine.

Case (2) is fairly easy to handle when the L3 packet size doesn't use up the whole TUN_PACKET size, isn't it? We can loop and consume multiple smaller packets?

Sent from my Android device with K-9 Mail. Please excuse my brevity.

More information about the WireGuard mailing list