We have a customer using m0n0wall as a firewall with a bridged Thomson SpeedTouch DSL modem. The
customer is using an OpenVPN client on a computer behind the firewall which connects to our OpenVPN
server in our datacenter. The customer experiences timeouts when running applications over the VPN
tunnel. I have done some ping tests over time and there has been a variable, large amount of packet loss
over the tunnel.
The customer is not experiencing instability with normal internet surfing etc. I have noticed that
OpenVPN client-server is using MTU 1500 bytes, but when I ping our datacenter gateway I can only
get through 1472 bytes from the customer's network.
I did some further tests with OpenVPN's mtu-test option. This is the result BEHIND m0n0wall:
Tue Dec 22 10:10:39 2009 us=93000 NOTE: Empirical MTU test completed [Tried,Actual]
Tue Dec 22 10:10:39 2009 us=93000 NOTE: This connection is unable to accomodate a UDP packet size of
1541. Consider using --fragment or --mssfix options as a workaround.
This is the result without the m0n0wall, with a computer connected directly to the DSL modem:
Tue Dec 22 09:41:51 2009 us=734000 NOTE: Empirical MTU test completed [Tried,Actual]
Does anyone know if this is related to the problems our customer is experiencing? The customer also
got a new bridged DSL modem a couple of weeks ago. Could it be the combination of m0n0wall and the
new modem that is causing the problem?
The m0n0wall has a very standard configuration with a blank MTU field, block all incoming, no NAT.
Any other tips/help is much appreciated!