|
|
On Wed, 08 Oct 2003 13:13:55 -0700, Andrew Clarke <spam@xxxxxxxxx> wrote: > I don't understand what you mean about explicitly binding samba to an > interface or address that the client can see. > > It seems, though, that I am experiencing a problem with any non-trivial > data transfer. For instance, I can ssh in, but if I try to do an ls -la > on a directory, it locks up that ssh session. I can still open another > ssh session though, so the tunnel itself is still up. > > I know this issue has been discussed before on this list. As was > recommended, I added: > > tun-mtu 1500 > tun-mtu-extra 32 > mssfix You probably need a lower MTU. Setting up a connection works because the pakets aren't that large, once more data start being exchanged they may grow, and if there's a blackhole router somewhere along the way it will just drop them. For two different clients of the same cable ISP, both connecting to the same DSL client, I had to lower the MTU for one while it wasn't necessary for the other. The one with the problem was using a DOCSIS modem, the other an older CLDP, but I don't know if that's what caused it. If you disable compression, you can try to determine the optimal value by pinging with different packet sizes with the "don't fragment" flag set. Try 1472 bytes as size first: if that works you don't need to lower the MTU (1472 becomes 1500 bytes after the packet header is added). On windows you can use a command line like ping -f -l <packetsize> <address> On BSD/OsX/*n*x you better do 'man ping' first, it looks like different versions are going around with different switch letters (sometimes no fragmenting is -D, sometimes it's '-M do'). ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |