Re: [B.A.T.M.A.N.] MTU/connection problem

[Clemens John <clemens-john@gmx.de>]

[-- Attachment #1: Type: Text/Plain, Size: 2646 bytes --]

On Thursday 17 June 2010 10:44:59 Sven Eckelmann wrote:
> Sounds a little bit like a device is configured wrong. Lets go through the
> devices:
> 
> Laptop:
>  * WiFi: MTU: 1500
> 
> Fonera:
>  * Incoming (to Laptop) WiFi: MTU 1500
>  * Outgoing (to Dir300) WiFi: MTU 1530
>  * Bridge (has bat0 and Incoming WiFi included): MTU 1500
>  * bat0 (has only Outgoing WiFi included): MTU 1500
> 
> Dir300:
>  * Incoming (to Fonera) WiFi: MTU 1530
>  * bat0 (only incoming device included): MTU 1500
> 
> This should work till Dir300. Now send 1500 Bytes large packets to each
> interesting partner (fonera, dir300) and check were it drops.
> 
> This can be done using `ping -M do -s 1472 $IP`.
> 
> If it works till dir300 and drops somewhere in the openvpn/virtual
> openwrt/internet connection then please check there. If it drops before
> then please check your configuration (running, not configuration files)
> and try to summarize those devices as I tried to do above.
> 
> How exactly is openvpn your connection to the internet configured? Do they
> work in an mode which adds extra headers? Do they fragment packets?
> 
> Best regards,
> 	Sven

Sry this should have been gone to the Batman list, so here it is again:

I did this and everything works fine till I try to connect over the vpn. So the 
vpn is the problem I think.

Here is some output of what I tried connecting over vpn:

[floh1111@flohdesktop ~]$ ping -M do -s 1467 10.18.1.1
PING 10.18.1.1 (10.18.1.1) 1467(1495) bytes of data.
1475 bytes from 10.18.1.1: icmp_seq=1 ttl=64 time=85.6 ms
--> Works fine till package size 1467 or lower
----------
[floh1111@flohdesktop ~]$ ping -M do -s 1468 10.18.1.1
PING 10.18.1.1 (10.18.1.1) 1468(1496) bytes of data.
--> Does not work with package size from 1468 to 1472, no error message
----------
[floh1111@flohdesktop ~]$ ping -M do -s 1473 10.18.1.1
PING 10.18.1.1 (10.18.1.1) 1473(1501) bytes of data.
From 10.18.0.3 icmp_seq=1 Frag needed and DF set (mtu = 1500)
-->  Does not work too, but I get an error message trying package size 1473 or 
higher.

We are using OpenVPN in tap mode. Below is our server config:
----
mode server
tls-server

port 1195
proto udp
dev tap
ca /etc/openvpn/ff/ca.crt
cert /etc/openvpn/ff/ffsrv.crt
key /etc/openvpn/ff/ffsrv.key  # This file should be kept secret
dh /etc/openvpn/dh1024.pem
client-config-dir ccd
client-to-client
keepalive 10 120
comp-lzo
max-clients 100
persist-key
persist-tun
status openvpn-status.log
verb 3
-----

I don´t know if openvpn is adding some extra headers but maybe you know?

Thanks
Clemens

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]