diff --git a/openvpn/crypto/crypto_aead.hpp b/openvpn/crypto/crypto_aead.hpp
index ecb343b8..90ba38fc 100644
--- a/openvpn/crypto/crypto_aead.hpp
+++ b/openvpn/crypto/crypto_aead.hpp
@@ -333,8 +333,7 @@ class Crypto : public CryptoDCInstance
 d.nonce.set_tail(decrypt_key, dc_settings.use64bitPktCounter());
 }
- void init_pid(const int recv_mode,
- const char *recv_name,
+ void init_pid(const char *recv_name,
 const int recv_unit,
 const SessionStats::Ptr &recv_stats_arg) override
 {
diff --git a/openvpn/crypto/crypto_chm.hpp b/openvpn/crypto/crypto_chm.hpp
index 82cec7d1..5fa13aa6 100644
--- a/openvpn/crypto/crypto_chm.hpp
+++ b/openvpn/crypto/crypto_chm.hpp
@@ -85,8 +85,7 @@ class CryptoCHM : public CryptoDCInstance
 decrypt_.hmac.init(dc_settings.digest(), decrypt_key);
 }
- void init_pid(const int recv_mode,
- const char *recv_name,
+ void init_pid(const char *recv_name,
 const int recv_unit,
 const SessionStats::Ptr &recv_stats_arg) override
 {
@@ -94,7 +93,7 @@ class CryptoCHM : public CryptoDCInstance
 auto pid_form = PacketID::SHORT_FORM;
 encrypt_.pid_send.init(pid_form);
- decrypt_.pid_recv.init(recv_mode, pid_form, recv_name, recv_unit, recv_stats_arg);
+ decrypt_.pid_recv.init(pid_form, recv_name, recv_unit, recv_stats_arg);
 }
 bool consider_compression(const CompressContext &comp_ctx) override
diff --git a/openvpn/crypto/cryptodc.hpp b/openvpn/crypto/cryptodc.hpp
index 394101f1..bc85204c 100644
--- a/openvpn/crypto/cryptodc.hpp
+++ b/openvpn/crypto/cryptodc.hpp
@@ -73,8 +73,7 @@ class CryptoDCInstance : public RC
 StaticKey &&decrypt_key) = 0;
- virtual void init_pid(const int recv_mode,
- const char *recv_name,
+ virtual void init_pid(const char *recv_name,
 const int recv_unit,
 const SessionStats::Ptr &recv_stats_arg) = 0;
diff --git a/openvpn/crypto/packet_id.hpp b/openvpn/crypto/packet_id.hpp
index f54e31b7..3eb3e8bf 100644
--- a/openvpn/crypto/packet_id.hpp
+++ b/openvpn/crypto/packet_id.hpp
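Review bot: The pure virtual `init_pid` in openvpn/crypto/cryptodc.hpp changes shape without any comment telling implementers what to do with the three remaining arguments; the overrides in crypto_aead.hpp and crypto_chm.hpp follow the same signature. A short contract comment above the declaration would help, for example `// Set up packet-ID state for this key; recv_name and recv_unit only label the receiver for debugging.` Since the transport mode is no longer passed down, the comment should also say that replay handling does not vary by transport, if that is the intent. The declaration sits in a class whose body lies outside the hunk.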
@@ -249,13 +249,6 @@ class PacketIDReceiveType
 static constexpr unsigned int REPLAY_WINDOW_BYTES = 1 << REPLAY_WINDOW_ORDER;
 static constexpr unsigned int REPLAY_WINDOW_SIZE = REPLAY_WINDOW_BYTES * 8;
- // mode
- enum
- {
- UDP_MODE = 0,
- TCP_MODE = 1
- };
-
 OPENVPN_SIMPLE_EXCEPTION(packet_id_not_initialized);
 // TODO: [OVPN3-933] Consider RAII'ifying this code
@@ -264,8 +257,7 @@ class PacketIDReceiveType
 {
 }
- void init(const int mode_arg,
- const int form_arg,
+ void init(const int form_arg,
 const char *name_arg,
 const int unit_arg,
 const SessionStats::Ptr &stats_arg)
@@ -278,7 +270,6 @@ class PacketIDReceiveType
 time_high = 0;
 id_floor = 0;
 max_backtrack = 0;
- mode = mode_arg;
 form = form_arg;
 unit = unit_arg;
 name = name_arg;
@@ -443,7 +434,6 @@ class PacketIDReceiveType
 PacketID::id_t id_floor; // we will only accept backtrack IDs > id_floor
 unsigned int max_backtrack;
- int mode; // UDP_MODE or TCP_MODE
 int form; // PacketID::LONG_FORM or PacketID::SHORT_FORM
 int unit; // unit number of this object (for debugging)
 std::string name; // name of this object (for debugging)
diff --git a/openvpn/dco/kocrypto.hpp b/openvpn/dco/kocrypto.hpp
index a0b0a724..4b09337b 100644
--- a/openvpn/dco/kocrypto.hpp
+++ b/openvpn/dco/kocrypto.hpp
@@ -56,7 +56,6 @@ struct Info
 CompressContext comp_ctx;
 unsigned int key_id = 0;
 int remote_peer_id = -1;
- bool tcp_linear = false;
 StaticKey encrypt_cipher;
 StaticKey encrypt_hmac;
 StaticKey decrypt_cipher;
diff --git a/openvpn/dco/korekey.hpp b/openvpn/dco/korekey.hpp
index c67f931f..bcdf4e1e 100644
--- a/openvpn/dco/korekey.hpp
+++ b/openvpn/dco/korekey.hpp
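Review bot: In openvpn/crypto/packet_id.hpp, `PacketIDReceiveType::init` no longer records a transport mode, yet nothing in the new code states that the replay window now applies the same way to every transport. None of the hunks touch the code that accepts or rejects an ID, so `mode` was presumably stored without being consulted; that should be confirmed against the acceptance path, which lies outside these hunks. I would add a comment above `init`, such as `// Replay window and backtrack limits apply regardless of transport; there is no strict-sequence mode.` Separately, `form_arg` is still stored unchecked as a plain `int`, so an assertion that it is `PacketID::LONG_FORM` or `PacketID::SHORT_FORM` would stop a bad caller from silently selecting an unintended form.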
@@ -75,12 +75,10 @@ class Instance : public CryptoDCInstance info.decrypt_hmac = std::move(decrypt_key); } - void init_pid(const int recv_mode, - const char *recv_name, + void init_pid(const char *recv_name, const int recv_unit, const SessionStats::Ptr &recv_stats_arg) override { - info.tcp_linear = (recv_mode == PacketIDReceive::TCP_MODE); } void init_remote_peer_id(const int remote_peer_id) override diff --git a/openvpn/ssl/proto.hpp b/openvpn/ssl/proto.hpp index a02c6093..084cb3c0 100644 --- a/openvpn/ssl/proto.hpp +++ b/openvpn/ssl/proto.hpp @@ -408,9 +408,6 @@ class ProtoContext : public logging::LoggingMixininit_hmac(key.slice(OpenVPNStaticKey::HMAC | OpenVPNStaticKey::ENCRYPT | key_dir), key.slice(OpenVPNStaticKey::HMAC | OpenVPNStaticKey::DECRYPT | key_dir)); - crypto->init_pid(c.pid_mode, - "DATA", + crypto->init_pid("DATA", int(key_id_), proto.stats); @@ -3842,7 +3826,7 @@ class ProtoContext : public logging::LoggingMixindigest_size(); ta_pid_send.init(PacketID::LONG_FORM); - ta_pid_recv.init(c.pid_mode, PacketID::LONG_FORM, "SSL-CC", 0, stats); + ta_pid_recv.init(PacketID::LONG_FORM, "SSL-CC", 0, stats); reset_tls_crypt(c, dyn_key); } @@ -3900,7 +3884,7 @@ class ProtoContext : public logging::LoggingMixin +#include using namespace openvpn; @@ -17,12 +18,12 @@ void testcase(PIDRecv &pr, ASSERT_EQ(status, expected_status); } -void test() +template +void do_packet_id_recv_test() { - typedef PacketIDReceiveType<3, 5> PIDRecv; SessionStats::Ptr stats(new SessionStats()); PIDRecv pr; - pr.init(PIDRecv::UDP_MODE, PacketID::SHORT_FORM, "test", 0, stats); + pr.init(PacketID::SHORT_FORM, "test", 0, stats); testcase(pr, 0, 0, 0, Error::PKTID_INVALID); testcase(pr, 1, 0, 1, Error::SUCCESS); @@ -77,6 +78,12 @@ void test() testcase(pr, 85, 15, 66, Error::SUCCESS); } +TEST(misc, pktid_test_normal) +{ + do_packet_id_recv_test>(); +} + + template void perfiter(const long n, const long range, 
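Review bot: In openvpn/dco/korekey.hpp the `init_pid` override is left with an empty body and three named parameters that are never used, and the hunk gives no reason why this instance keeps no receive-side packet-ID state. If replay checking for this path happens outside this class (the file is under dco/, so presumably in the kernel data path), say so in the body, e.g. `// no userspace packet-ID state here; replay protection is expected from the kernel data channel (confirm)`. Dropping the parameter names, `void init_pid(const char *, const int, const SessionStats::Ptr &) override`, would also avoid unused-parameter warnings. As written, `recv_stats_arg` is discarded, so this instance reports no packet-ID errors to the session stats through this call.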
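Review bot: In test/unittests/test_pktid.cpp, `do_packet_id_recv_test` is now a template over the receiver type, but the expectations passed to `testcase` (for example `testcase(pr, 85, 15, 66, Error::SUCCESS)`) are fixed and look tied to the window parameters of the removed `PacketIDReceiveType<3, 5>` typedef. A later instantiation with other parameters could fail, or pass for the wrong reason, without the replay-window behaviour really being checked. Add a comment above the template, such as `// expectations below assume the <3, 5> window; other instantiations need their own table`, or a `static_assert` on `PIDRecv::REPLAY_WINDOW_SIZE`. Most of the function body lies between the two hunks and is not visible here.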
@@ -97,7 +104,7 @@ void perfiter(const long n,
 long high = 0;
 SessionStats::Ptr stats(new SessionStats());
 PIDRecv pr;
- pr.init(PIDRecv::UDP_MODE, PacketID::SHORT_FORM, "test", 0, stats);
+ pr.init(PacketID::SHORT_FORM, "test", 0, stats);
 for (long i = 1; i < n; i += step)
 {
@@ -144,7 +151,7 @@ void perf(long &count)
 perfiter(20000, 4, PIDRecv::REPLAY_WINDOW_SIZE / 2, 10, count);
 }
-TEST(misc, pktid)
+TEST(misc, pktid_perf)
 {
 {
 long count = 0;
@@ -153,5 +160,4 @@ TEST(misc, pktid)
 perf<8, 5>(count);
 // ASSERT_EQ(4746439, count);
 }
- test();
 }
diff --git a/test/unittests/test_proto.cpp b/test/unittests/test_proto.cpp
index 112dccd1..8a2ebb81 100644
--- a/test/unittests/test_proto.cpp
+++ b/test/unittests/test_proto.cpp
@@ -958,7 +958,6 @@ int test(const int thread_num, bool use_tls_ekm)
 }
 cp->tls_crypt_ = ClientProtoContext::ProtoConfig::TLSCrypt::V2;
 #endif
- cp->pid_mode = PacketIDReceive::UDP_MODE;
 #if defined(HANDSHAKE_WINDOW)
 cp->handshake_window = Time::Duration::seconds(HANDSHAKE_WINDOW);
 #elif SITER > 1
@@ -1046,7 +1045,6 @@ int test(const int thread_num, bool use_tls_ekm)
 sp->tls_crypt_metadata_factory.reset(new CryptoTLSCryptMetadataFactory());
 sp->tls_crypt_ = ClientProtoContext::ProtoConfig::TLSCrypt::V2;
 #endif
- sp->pid_mode = PacketIDReceive::UDP_MODE;
 #if defined(HANDSHAKE_WINDOW)
 sp->handshake_window = Time::Duration::seconds(HANDSHAKE_WINDOW);
 #elif SITER > 1
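Review bot: With `test()` moved out, `TEST(misc, pktid_perf)` in test/unittests/test_pktid.cpp has no active assertion in its visible body, because the only check, `// ASSERT_EQ(4746439, count);`, is commented out. Unless `perfiter` asserts internally (its body is outside these hunks), this test can now only fail by crashing, so a regression in packet-ID acceptance would not show up here. Either restore a check on `count` or mark the intent with a comment such as `// timing run only; acceptance behaviour is covered by pktid_test_normal`.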