OpenVPN reverse tunnell incomplete page load HTTP over VPN

sezione dedicata ai sistemi operativi Linux

OpenVPN reverse tunnell incomplete page load HTTP over VPN

Messaggio da leggereda root » 01/01/2017, 19:08

I set up OpenVPN (server and client) on two OpenWRT C.C. routers to obtain a reverse tunnelling because one of the two point was under NAT firewalling and I needed to reach from Internet some services via HTTP (mjpg-streamer cams and the router itself) on the remote LAN that was under firewall.

Basicaly the client router connects to the server router via OpenVPN, then, as soon as the connection is established, the server router redirects some internet ports back to the client trough the VPN tunnel.

Everything worked well, but after an internet blackout on the openvpn server side, I experienced a weird problem:
Incomplete page load of resources via HTTP over VPN. only the page title was loaded in the browser.

Finally I discovered that it was a MTU problem, VPN connections are sensitive to incorrect/low MTU set, if the MTU value is not correct you might experience packets loss (MTU too high) or slow VPN speed (MTU too low)

I solved the issue by setting the MTU value of the Tun0 device to 1310.

To discover the correct value of MTU to be used for your VPN, you need to give the command:
"ping -s 1500 remote_ip" (change remote_ip with the remote VPN ip address, ex: 10.8.0.6)
and decrease the 1500 value by 10 each time, until the ping succeeds. Once the ping succeeds, the value used is the MTU you should use on both sides of the VPN.

I don't know why the VPN tunnell worked well for some time with the default MTU (1500) :(
Maurizio
Avatar utente
root
Amministratore
 
Messaggi: 347
Iscritto il: 10/04/2012, 10:55
Località: Ovada

Torna a Linux

Chi c’è in linea

Visitano il forum: Nessuno e 1 ospite