Openvpn and rsync crashes site-to-site tunnel
-
Good afternoon Everyone,
I was hoping to find a little guidance to what might be my problem or how I should go about testing my problem. I think it might be an MTU issue but not sure how to test this properly.
Bit of background: two sites both running pfsense
one site older hardware, 2.1.3 version, slow connection in remote-ish area (10down/1up)
other site, newer hardware, 2.2.4 version, cable 105down/15up (can't remember up for sure, currently not at home)openvpn tunnel - P2P shared key, UDP, Tun, aes-128-cbc, sha1 160bit
Server debian running rsync daemon - rsync version 3.0.9 protocol version 30
client os x 10.10.4 - rsync version 2.6.9 protocol version 29rsync options -ahvP
Basic openvpn site-to-stie setup, everything seems to be working as expected for normal maintenance, simple ssh for commands and the like. However when i start to do a file transfer with large files >2gb the tunnel will get 100-300mb in and crash (total transfer seems to be a different each time). Within a few seconds it will come back up. When using rsync I see the below errors:
rsync: writefd_unbuffered failed to write 32768 bytes [sender]: Broken pipe (32)
rsync: read error: Operation timed out (60)
rsync error: error in rsync protocol data stream (code 12) at /SourceCache/rsync/rsync-45/rsync/io.c(604) [sender=2.6.9]I am currently testing with ftp it seems to keep going without error but I have noticed the tunnel has crashed a couple times and came back up. When it finishes I will checksum the remote file and the local to double check everything copied correctly.
Is this an MTU issue?
I have tried using openvpn test option but the results made it look like the default MTU were correct. Should I do some other type of test?
Any ideas would be appreciated. If I left something out please let me know.
Thanks! -
Update, regarding FTP.
As noted the tunnel would continue to crash but this time I was able to get through ~1.5gb of data before the tunnel crashed one last time and FTP could not recover. I had a busy weekend so I wasn't able to test anything else since my last message. -
Another update regarding testing MTU.
I followed testing the MTU similar to this: https://openvpn.net/archive/openvpn-users/2004-11/msg00044.html
I pinged from both sides of the tunnel making sure to set the do not fragment flag and the packet size to 1472.
The result was a successful ping from either or side with total bytes sent as 1480.
Accrading to the link and what I know this would mean my problem isn't MTU related.
At least that's how I understand it. Am I wrong?
-
Good news. More forum searching with a few different terms and I came across this post. https://forum.pfsense.org/index.php?topic=76735.15
This lead me to upgrading the older pfsense install I had at the remote location. After upgrading the tunnel came up and I tested more backups with my original way of using rsync.
So far so good, I have transferred many gigabytes over this tunnel without any random crashes.