Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    MTU issues IPV4

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bgibson
      last edited by

      Afternoon,
      Over the weekend, I noticed two sites that were originally working proerply showed a VPN status of up, but my OSPF state was changed to EXStart/DRother. As far as ISP, nothing has changed. First thing that came to mind was NAT and MTU so I checked NAT first and everything is correct. Disabled tunnels, reconfigured nat to be on the safe side with the same results. Stepped back to MTU and noticed that I can ping the ISP gateways at 1500mtu but from one end of the tunnel to another, the max is can send is 1387mtu. Can anyone shed some light on this. Im running version 2.3 on my central site (have been for some time now) and I tired updating the remote site to 2.3.3_1 with no luck. I checked the ifconfig on both sides and all mtu settings are set to 1500. Things I tried for testing were:
      1. under the open vpn, set the mssfix 1347 (no luck no matter how low I went)
      2. created the VPN and then assigned it to an interface, set the MTU there, same result.

      It's strange that two of my sites are doing this. I built another VPN at another site and connected back and the OSPF exchanged just fine.

      This has me stumped and I'm bringing on two new sites within the next 3 weeks. Never ran into this issue using OVPN.

      1 Reply Last reply Reply Quote 0
      • N
        neiloNeil
        last edited by

        Are you running through a switch at anypoint ? Is the MTU changed in a switch?
        Worth a a shot. Other than Im not sure

        1 Reply Last reply Reply Quote 0
        • B
          bgibson
          last edited by

          Thanks for the reply. Going to check the switches this afternoon.

          Is there a way to change the MTU size of an OpenVPN? I see the default is 1500 but to get them running until I can find the problem, I want to change it.

          1 Reply Last reply Reply Quote 0
          • B
            bgibson
            last edited by

            Afternoon,
            So I believe the MTU issue lies with my Insight connection in Kentucky. There are no switches in between the router and the ISP modem (unless you count the ISP device as a switch  ;)) From public ip of router 1 to public ip of router 2, I can send 1500 mtu packet size. Once I turn the VPN on, from one end of the tunnel to the other, I can only push 1387. So from both of my routers, I did an ifconfig ovpns# mtu 1387 and on my client, ifconfig ovpnc# mtu 1387 and instantly, my neighbors were able to exchange OSPF information.

            My question now is, how do I permanently set this as once I reboot the routers, they go back to 1500. I checked the config.xml file but do not see anything for mtu set to default.

            1 Reply Last reply Reply Quote 0
            • B
              bgibson
              last edited by

              Morning - anyone have any information regarding this? I need to be able to save the mtu size of my openvpn so after a reboot, it doesn't change back to 1500.

              thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.