Spontaneous 20% packet loss over OpenVPN tunnel, only fixed after reboot



  • So I'm running a site-to-site OpenVPN setup, and everything is typically fine. 0% packet loss, RTT around 20 ms, RTTsd around 0. But seemingly out of the blue, my tunnel started dropping about 20% of the packets consistently. Ping was fine, but since it was dropping so many packets, TCP connections through the tunnel were still garbage.
    Less than 1 MB/sec of traffic was going through, so it wasn't a network instability problem. My dashboard showed that my WAN interface was also normal, with no packet loss (not sure if that's normal or not, but it doesn't logically make sense to me since the VPN is technically passing through WAN anyway).

    After about 5 minutes of panicking, I did the good ol' turn-it-off-and-back-on-again for the routers on both ends. Bam, went straight back to normal.
    Beyond nmap, I have no plugins installed, and I have a relatively straightforward configuration. OpenVPN is running in tun mode with AES128CBC over an IPv6 UDP link and no compression.

    Nothing seemed to spark this, it just happened out of nowhere. The OpenVPN logs looked normal, CPU load, MBUF, and state table usage were all at normal values, and nothing else was raising any alarms. I run reboots/backups weekly, so I usually don't run into issues with things breaking after not being rebooted in ages. Has anyone else had this spontaneously happen?

