SSH/MTU Issues on OpenVPN on OpenWRT 21.02 RC3 (Linux Kernel 5.4.132)

nemesis · July 31, 2021, 8:04pm

I upgraded a custom build based on OpenWRT 21.02 RC3 (Kernel 5.4.132) today and suddenly I can't SSH into some devices through the management openvpn tunnel anymore.

Trying ping -M do -s 1400 on some devices with the old build (kernel 5.4.128) works.
The same on devices with new build (Kernel 5.4.132) doesn't work.

On the new build, the max size that passes through the tunnel is 297: ping -M do -s 297.

I did not change anything in the configuration, only upgraded the firmware.

The same happened a while ago while testing in a different installation in which we were also using wireguard so we just switched to wireguard, but now that this has happened twice in a row while upgrading devices I think there's a problem somewhere and I wonder if anybody else is suffering of the same issue?

vgaetera · July 31, 2021, 8:32pm

There are several known issues:
http://lists.openwrt.org/pipermail/openwrt-devel/2021-July/035840.html
You can also post the VPN client configs and logs.

nemesis · August 1, 2021, 12:53am

I posted there, I think my email si in the moderation queue.

I've been digging quite a lot and I found out the openvpn package was recently changed regarding LZO compression. So I tried disabling lzo compression SSH started to work again.

system · August 11, 2021, 12:53am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.