UDP VPN - TCP Connection breakup across tunnel

  • Hello folks,

    I have a rather serious issue with a pfsense openvpn connection on which traffic shaping occurs (although I have disabled the shaping and it didn't make a difference)…

    I basically have a VPN end to end over which two DFS servers do replication. However, exactly at the same time (a few minutes) the connections gets reset, and data stops flowing, because the data gets lost on the line somehow (i.e. the outgoing VPN interface sees the packet leaving, but the incoming interface on the peer never sees the packet)...
    The outgoing side then resends the packet a few times before resetting the connection, but none of these packets are seen at the main site.

    Ten minutes later the main site tries to contact the remote site over the connection because it never got the reset, and that connection is then blocked on the remote site (because the state there was reset, since that gateway saw the reset)....

    The firewall log show no blocked connections before the TCP:RA packet, and all interfaces (LAN + VPN) have wide open firewall rules (pass everything any to any)

    I have attached traces from the outgoing and incoming interfaces. Does anyone have any idea why that happens? Why would all of a sudden this one connection across the VPN break down so catastrophically?

    Edit: Ping and everything else works perfectly during that time, so the connection itself doesn't break down.

    Any ideas would be appreciated! Really, any!

  • what's the size of those disappearing packets? My first suspicion is they're too large to fit across the VPN.

