dropping UDP packets in openconnect VPN
er0ck
erocks at gmail.com
Tue Aug 16 16:45:52 EDT 2011
Hi all.
i'm having really poor AFS performance over our VPN, and i
discovered that it seems to be dropping/losing all UDP packets inside
the VPN tunnel
I'm not sure if the VPN connection is TCP nor UDP as i'm not sure
how i can tell.
here is its ifconfig:
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:<mineIP> P-t-P:<hostIP> Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1406 Metric:1
RX packets:4998 errors:0 dropped:0 overruns:0 frame:0
TX packets:6518 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1747448 (1.6 MiB) TX bytes:1678564 (1.6 MiB)
all i know is that it appears to drop all UDP packets if i do a
traceroute -U to any host inside the VPN.
traceroute -U to any host outside the VPN (my network, internet) works fine.
if i traceroute -U -i tun0 to any site outside i also lose all UDP
packets (since it's using the vpn tunnel device)
traceroute tcp work both inside and outside VPN
traceroute -UL to VPN hosts drops all UDPLITE packets
i've never had to debug my own vpn connection, so your tips on trying
different size packets at least allowed me to try something different.
looks like 28byte packets is the minimum?
traceroute -U 9.62.112.18 16
traceroute to 9.62.112.18 (9.62.112.18), 30 hops max, 28 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
few larger sizes didn't allow any packets through either.
any advice on how/where to look next would be most appreciated. thanks!
______________________________________________
Too brief? Here's why: http://emailcharter.org
More information about the openconnect-devel
mailing list