Hi there
I have MT 750 as remote client using ROS 5.6 and openvpn to connect back to the office. Somewhere in the path of one client there are mtu issues out of my control and I can’t figure out how to work around them successfully.
Symptom is any large packets via ssh locks up interface and I need to restart openvpn to clear down and reconnect. This can be caused by /log print without paging or any other command that creates a packet over 1403 bytes.
The server is openvpn on a linux box, and most of mtu workarounds are for udp mssfix, fragment, link-mtu and its recommended not to change tun-mtu from 1500
Standard MTU for already working clients is 1500, just have this one exception. Setting max-mtu on ovpn-client to 1300 and tun-mtu 1300 on vpn causes errors at openvpn server end as it thinks its a bad packet due to lengths being wrong -
WARNING: Bad encapsulated packet length from peer (1414), which must be > 0 and <= 1403 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart
If I set mtu of ether1 which is the upstream link would that reduce mikrotik client ovpn mtu? I have tried lots of combinations but so far nothing works, and everytime I go over 1403 bytes the connection stalls at least until openvpn is restarted, then sometimes it come back
Thanks very much