OpenVPN, OSPF and UDP fragmentation mess
Hello,
we have two SG-3100 connecting two sites using OpenVPN. Because one of the sites is a bit unreliable, we have a separate LTE Router connected to WAN2 and running multiple OpenVPN tunnels with FRR and OSPF. All this works very reliably.
Now we have a measure/control system at one site (the "client" site with respect to OpenVPN). This is Shelly brand equipment using CoIoT UDP to connect to Home Assistant (on the "server" side) on port 5683, and it's here where the problem starts.
UDP packets are not reaching Home Assistant on the server side and I have a hunch it's due to MTU and MSS over the OpenVPN tunnel between the sites.
Tried adding tun-mtu 1472;fragment 1400;mssfix to the OpenVPN server and it magically started to work with the CoIoT traffic! Excellent!
BUT, at the first Internet failure we noticed that the fail-over did not work!
So, I checked the FRR OSPF status and saw that they were not connected.
Removing the tun-mtu etc. setting and OSPF immediately started again, but then CoIoT connection was lost.
Stuck between a rock and a hard place...
The Shelly equipment doesn't have an MTU setting on the WiFi interface. I guess one solution would be to lower the MTU on the client SG-3100 LAN interface...?
Anything else I can try to get both OSPF and CoIoT through the OpenVPN tunnel?
Thanks,
/Mattias