OpenVPN strange issue after upgrade

I upgraded my router from 19.07.4 to 21.02.0-rc4 a couple of weeks ago.

I just figured out today, when using my OpenVPN for the first time, that something odd is going on.
After I set up the tunnel from external to internal, pings (ICMP) and DNS requests work with no issue, but TCP communication gets stuck. That means, e.g., if I open an SSH connection to a device behind the router, a couple of packets go through but the connection is not established.

SSH client debug ends with

debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

Could this be an MTU issue, and how could it be related to the upgrade?

This is the MTU info from the log file:

Control Channel MTU parms [ L:1624 D:1182 EF:68 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1624 D:1400 EF:124 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,xxxx
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1560,tun-mtu 1500,xxxx
Client_01/14.0.171.5:55761 Data Channel MTU parms [ L:1552 D:1400 EF:52 EB:406 ET:0 EL:3 ]

@vgaetera many thanks, that was exactly the issue. Disabling compression (or using lz4) solved the issue.
I was just confused by the fact that only larger packets were impacted and therefore thought in the direction of MTU.
