Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Login

    PPPoE packet loss problem (MTU?)

    General pfSense Questions
    2
    6
    7.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      clarknova
      last edited by

      I'm trying to diagnose and sort out an mtu problem with my multilink PPPoE connection and could use some assistance.

      My pppoe interface is a 6-line MLPPP connection. Certain SSL web sites won't load completely and I suspected an MTU problem, so I did some testing.

      When ping from pfsense to the upstream gateway, any payload size (-s) less than 1425 elicits a response, while any payload greater than 1424 times out (with no response appearing on tcpdump -i pppoe0 either).

      I tried setting the mtu of pppoe0 to 1452 (using ifconfig in the shell). I tried setting the MTU and MRU of the member interfaces to 1452 (PPPs page in the GUI). None of these changes changed the result that no echo request packet larger than 1452 elicits a response from the ISP's gateway router.

      No doubt I have configured something wrong due to a lack of understanding of PPP or MTU, but I'm not sure what to do about it, and I would appreciate some guidance.

      My /var/etc/mpd_wan.conf file for reference:

      
startup:
        # configure the console
        set console close
        # configure the web server
        set web close

default:
pppoeclient:
        create bundle static wan
        set iface name pppoe0
        set iface route default
        set iface disable on-demand
        set iface idle 0
        set iface enable tcpmssfix
        set iface up-script /usr/local/sbin/ppp-linkup
        set iface down-script /usr/local/sbin/ppp-linkdown
        set ipcp ranges 0.0.0.0/0 0.0.0.0/0
        #log -bund -ccp -chat -iface -ipcp -lcp -link

        create link static wan_link0 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan201
        open

        create link static wan_link1 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan202
        open

        create link static wan_link2 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan203
        open

        create link static wan_link3 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan205
        open

        create link static wan_link4 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan206
        open

        create link static wan_link5 pppoe
        set link action bundle wan
        set link enable multilink
        set link keep-alive 10 60
        set link max-redial 0
        set link disable chap pap
        set link accept chap pap eap
        set link disable incoming
        set link mtu 1452
        set link mru 1452
        set auth authname "username@teksavvy.com"
        set auth password secret
        set pppoe service ""
        set pppoe iface em0_vlan207
        open

      db

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        Verify with your ISP that "ppp multilink fragment disable" is turned off on their end.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        1 Reply Last reply Reply Quote 0
        • C
          clarknova
          last edited by

          Thank you for the suggestion. I have inquired and will post back updates.

          db

          1 Reply Last reply Reply Quote 0
          • chpalmerC
            chpalmer
            last edited by

            clarknova- any progress??

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            1 Reply Last reply Reply Quote 0
            • C
              clarknova
              last edited by

              I had "Disable Firewall Scrub" checked. Unchecking this fixed the problem. I'm a little embarrassed, as I really thought that I had tried this already. Thanks for the responses.

              db

              1 Reply Last reply Reply Quote 0
              • chpalmerC
                chpalmer
                last edited by

                Cool- good to see its working for you!

                Now I need to go loiok at my setup and see if I have that checked or not…

                :)

                Triggering snowflakes one by one..
                Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post