Re: [Openvpn-users] Windows client, mysterious routes and MTU issues

["John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>]

On Sun, 2006-02-05 at 22:21 +0100, Erich Titl wrote:
> John
> 
> John A. Sullivan III wrote:
> > Hello, all.  We are seeing some bizarre behavior with our Windows
> > OpenVPN clients.  We are not seeing the same behavior in the Linux
> > clients.  Our setup is an OpenVPN gateway running openswan connecting to
> > other offices via openswan.  I am just now beginning to peruse the more
> > obscure configuration settings and do some extensive testing but, if
> > anyone knows the answer off the top of their head, it will save me many
> > hours.
> > 
> > Whenever the windows client accesses a station in one of the offices,
> > i.e., across the openswan VPN, an entry for that station is added to the
> > Windows routing table.  Although that is surprising, it would not be too
> > bad except that the MTU on the route is set to 576! 
> 
> Did you disable PMTU discovery on Windoze? The reduced MTU size could be 
> one of the indications. The surprising thing is, how else would the 
> windows client know that his OpenVPN connection is futher tunneled 
> through an OpenSwan connection?
> 
> The result is
> > massive packet fragmentation.
> 
> :-) No surprise
> 
> cheers
> 
> Erich
<snip>
Hi, Erich.  Good to hear from you.
Quite to my shock, the problem appears to be the opposite.  I'll include
more details on a separate post but it appears that openvpn is returning
an icmp fragmentation needed packet with a desired mtu of 0 !!!!! If I
turn off PMTU-D, all works well (not that I really want to do that!)
Thanks - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

Financially sustainable open source development
http://www.opensourcedevel.com


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users