EA4500 strange floating MTU? issue

RickAtreides · July 29, 2019, 7:04am

         +--- Router ------- +      +-----ISP Router -----+
LAN  ->  |            port 4 |   -> |  port 1        GPON | -> uplink
         |               wan |   -> |  port 2             |
         +-------------------+      +---------------------+

ISP router - huawei hg8120h, I've readonly access to it's interface. This router split incoming traffic in two VLAN - for IPTV and internet. And in internet VLAN there is PPPoE connection established.

In my router, I've create vlan for IPTV, and forward igm traffic to LAN via igmpproxy
Both interfaces on my router receive ip via DHCP. Default gateway is set by dhcp via wan.

This scheme was setup a year ago on TP-Link WR1043ND v1 with Chaos Calmer, and works properly (except known issue with wifi drops and restarts)
Last week, I've brought used EA4500. It was successfully flashed with 18.06.4-r7808, and configuration was migrated (check on old router, configure on new one).

Initially - it works ok.
Then from time to time, I've got trouble with internet connection. It is happened without any fixed amount of time, it was not "permament" (I mean it could recover after some time).

Issue is - ping, dns lookup performed normally, some http traffic passed ok, https mostly did not work.

At first I've try to check with wget and got success resolve of domain, and got two redirects -

bbc.com -> www.bbc.com
www.bbc.com -> https://www.bbc.com

and then no output.

Here I came to idea, that it is MTU issue.
With tcpdump - I've see, that when I have problem and I've make request, from the remote server on wan port I've receive packet with MSS 1412, I've try to lower MTU on WAN interface bellow this value, without success.

In config - syn flood protection is set, MSS clamping is set on WAN.

Currently, to resolve this issue I need to restart my router, ISP router, or just physically disconnect wan port and connect it again. Then traffic flow is restored for some time.

If I connect laptop directly to ISP port 2, then connection is worked stable, at least one hour (did not test more time). But with router, when I have this problem, I can't download anything from the router too (like opkg upgrade or install some package). Even if I flush firewall (filter and nat tables)

Now, I have out of ideas, what could I check more or what configuration change to resolve this issue.

Any help will be appreciated

psyborg · July 29, 2019, 9:48am

try to see, if hitting restart (first on wan and then on lan interface) in luci network interfaces section will work

RickAtreides · July 30, 2019, 8:02am

Thanks for your suggestion, but it does not help.

Now, I've perform another test with
iperf -c remote.server -i 1 -t 2 -V -p 5901 -w 64k

Here, traffic capture when connection reset happen during test

So I see, that ACK Seq=1 Ack=1437, that on remote 0.065 did not came to WAN interface
What could be reason for that - I do not know.
Packet has 56 byte length, data len - 0, what wrong with this packet?
Previous ACK Seq=1 Ack=25 passed without issues.

All of that make me think, that it is not my or OpenWRT, but ISP issue, however I still can't correctly describe "what they do wrong", to make resolving process take less time.
Or how to reproduce issue with laptop connected directly to ISP's router, so they have no chance to decline this issue

RickAtreides · July 30, 2019, 8:03am

And here traffic capture for correct flow (in separate post due to new user limitations)

RickAtreides · August 1, 2019, 6:31am

So, finally, issue was resolved, for now

What was checked:
First of all, I bridge wan port from ISP to one of wlan interface (2.4), so with two devices I was able to perform check connection "with" and "without" router. And after a short time, I've see, that when I begin receive connection timeouts throw router, other, "bridged" connection still works properly.

And I came again to root cause in router/wrt.
Next attempt was to reinstall openwrt. I've try to flash trunk version, but it was same as release, and nothing was changed, so I've install 18.06.3

After reinstalling, I've wait for hour, and there was no issues. But, then I've found, that I did not install igmpproxy for IPTV (via opkg), and just after installation I've got connection reset.

So, problem was with udp multicast traffic, and this could explain "floating" nature of issue - because udp flow change in time

Initially, EA4500 has two cpu ports in switch, and they configured one for lan, and one for wan
0, 1, 2, 3 - Lan ports, 4 - Wan port, 5, 6 - Cpu ports

Lan Vlan: '0 1 2 3 5t', and Wan Vlan: '4 6t'

When I've add iptv vlan, I've put it on same cpu port as WAN
Lan Vlan: '0 1 2 5t', and Wan Vlan: '4 6t', IPTV: '3 6t'

And when I've move iptv traffic from "wan cpu port" to "lan cpu port" - issue disappear, and still works (for 12 hours this moment)
Lan Vlan: '0 1 2 5t', and Wan Vlan: '4 6t', IPTV: '3 5t'

Where the problem is - I do not know, may be hardware switch is not capable to pass traffic and some packets was lost.
But - in this configuration - all works as expected.

I hope this helps someone.

system · August 11, 2019, 6:31am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.