4. MTU issues IPV4

MTU issues IPV4

  • B

    Afternoon,
    Over the weekend, I noticed two sites that were originally working proerply showed a VPN status of up, but my OSPF state was changed to EXStart/DRother. As far as ISP, nothing has changed. First thing that came to mind was NAT and MTU so I checked NAT first and everything is correct. Disabled tunnels, reconfigured nat to be on the safe side with the same results. Stepped back to MTU and noticed that I can ping the ISP gateways at 1500mtu but from one end of the tunnel to another, the max is can send is 1387mtu. Can anyone shed some light on this. Im running version 2.3 on my central site (have been for some time now) and I tired updating the remote site to 2.3.3_1 with no luck. I checked the ifconfig on both sides and all mtu settings are set to 1500. Things I tried for testing were:
    1. under the open vpn, set the mssfix 1347 (no luck no matter how low I went)
    2. created the VPN and then assigned it to an interface, set the MTU there, same result.

    It's strange that two of my sites are doing this. I built another VPN at another site and connected back and the OSPF exchanged just fine.

    This has me stumped and I'm bringing on two new sites within the next 3 weeks. Never ran into this issue using OVPN.

    0
  • N

    Are you running through a switch at anypoint ? Is the MTU changed in a switch?
    Worth a a shot. Other than Im not sure

    0
  • B

    Thanks for the reply. Going to check the switches this afternoon.

    Is there a way to change the MTU size of an OpenVPN? I see the default is 1500 but to get them running until I can find the problem, I want to change it.

    0
  • B

    Afternoon,
    So I believe the MTU issue lies with my Insight connection in Kentucky. There are no switches in between the router and the ISP modem (unless you count the ISP device as a switch  ;)) From public ip of router 1 to public ip of router 2, I can send 1500 mtu packet size. Once I turn the VPN on, from one end of the tunnel to the other, I can only push 1387. So from both of my routers, I did an ifconfig ovpns# mtu 1387 and on my client, ifconfig ovpnc# mtu 1387 and instantly, my neighbors were able to exchange OSPF information.

    My question now is, how do I permanently set this as once I reboot the routers, they go back to 1500. I checked the config.xml file but do not see anything for mtu set to default.

    0
  • B

    Morning - anyone have any information regarding this? I need to be able to save the mtu size of my openvpn so after a reboot, it doesn't change back to 1500.

    thanks

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy