[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVPN 2.0 Final, Branching, and Updates

  • Subject: Re: [Openvpn-users] OpenVPN 2.0 Final, Branching, and Updates
  • From: James Yonan <jim@xxxxxxxxx>
  • Date: Wed, 16 Mar 2005 21:27:21 -0700 (MST)

On Wed, 16 Mar 2005, Jan van Rensburg wrote:

> Hi,
> Some more updates on the Mac problems.
> I've made tcpdump logs of the traffic between mail client and the 
> server when working via the linux and mac OpenVPN clients. They can be 
> downloaded at:
> http://xen.epiuse.com/openvpn/tcpdump_log_mac.txt.gz
> http://xen.epiuse.com/openvpn/tcpdump_log_linux.txt.gz
> > You say that you see this problem when running a multithreaded email
> > client over the tunnel.  Can you reproduce with other application 
> > traffic
> > scenarios, such as by running two simultaneous FTP sessions over the
> > tunnel?  If so, can you set up a test where a single FTP session works
> > correctly, but attempting a second simultaneous FTP connection fails?
> I opened 25 chargen sessions to another server on the same LAN, but it 
> kept on connecting fine. I expected it to fail after about the 10th 
> session, but no. Some of the sessions did start getting a bit slow, but 
> data did come through.

It would be useful to attempt to reproduce the failure with other 
applications, if possible.

> > Have you tried to query the author of the Mac TUN/TAP driver to get his
> > intuition on whether this might be a TUN/TAP driver bug, or a bug in
> > userspace openvpn, or a configuration issue?
> I've email Mattias, who also asked for tcpdump logs, but said "I really 
> have no idea what in the driver could cause that multiple connection 
> problem you describe. The driver only deals with the IP layer and 
> below, so it really doesn't know about connections..."

True, but most TUN/TAP device drivers must maintain an internal queue for
at least the kernel -> userspace data direction, and if this queue
overruns due to a burst of packet activity, the effect could be seen at
the application level (I've seen FTP sessions running over a Linux TAP
interface stall because of an insufficiently sized txqueuelen parameter in
the TUN/TAP driver).

I'm also thinking that since this problem is independent of whether TCP or
UDP is used as the tunnel transport protocol, that it only occurs on Mac,
and that it only occurs with a specific IMAP client, the problem might be
with the IMAP client, or with the way that it is interacting with the
Mac's network stack.


Openvpn-users mailing list