[strongSwan] High latencies
Turbo Fredriksson
turbo at bayour.com
Tue Sep 19 16:57:11 CEST 2017
This is spooky!!
I ran
ip link set dev eth0 mtu 1500
on all instances in the chain. Then run
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 128
on both the VPN instances.
Still didn’t work.
I then reverted all that, set the MTU on the interface BACK to 9001 on
all the instances AND deleted those iptable rules - s/-A/-D/g, and all of
a sudden it worked!!
Very spooky!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170919/fc0dca6b/attachment.sig>
More information about the Users
mailing list