Antonio Quartulli <a...@unstable.cc> 于2021年4月1日周四 下午2:35写道:
> Hi Tony,
>
> On 01/04/2021 04:38, Tony He wrote:
> > Hi Antonio, Arne,
> >
> > According to the dump, this issue is caused by fragment. If I set
> > link-mtu to 1472 in the condition of encryption "none", it's gone.
> > I also can reproduce the fragment in my Linux x86-64 PC and Linux VM .
> > They use kernel 5.4. Fragment affects the performance
> > in the low-end devices. It also consumes more CPU resource in low-end
> > and high-end devices. If I'm not mistaken, we don't need
> > to set link-mtu without dco. Is this a bug? Can you reproduce? Do I
> > still need to upload my dump? If so, maybe I need to provide a link.
>
> You told us what you did to fix, but you haven't fully explained what
> the "broken setup" is. We don't have your configs, so we can't say what
> is creating the issue in your scenario.
>
server config:
root@OpenWrt:/tmp# cat openvpn-sample_server-fragment.conf
data-ciphers none
auth none
topology subnet
persist-key
persist-tun
ca /etc/luci-uploads/cbid.openvpn.sample_server.ca
cert /etc/luci-uploads/cbid.openvpn.sample_server.cert
dev tun
dh /etc/luci-uploads/cbid.openvpn.sample_server.dh
ifconfig-pool-persist /tmp/ipp.txt
keepalive 10 120
key /etc/luci-uploads/cbid.openvpn.sample_server.key
port 1194
proto udp
server 10.8.0.0 255.255.255.0
status /tmp/openvpn-status.log
verb 3
client config:
% cat client-framgment.conf
auth none
client
dev tun
proto udp
remote 192.168.1.1 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
data-ciphers none
verb 2
writepid /var/run/openvpn.pid
> What is the MTU on the DCO and on the transport interfaces when the
> problem shows us?
>
% ifconfig ovpn-dco0
ovpn-dco0: flags=81<UP,POINTOPOINT,RUNNING> mtu 1500
inet 10.8.0.2 netmask 255.255.255.0 destination 10.8.0.2
inet6 fe80::3559:b6c1:3fc3:b8cb prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen
1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1 bytes 134 (134.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
% ifconfig ovpn-dco0
ovpn-dco0: flags=81<UP,POINTOPOINT,RUNNING> mtu 1500
inet 10.8.0.2 netmask 255.255.255.0 destination 10.8.0.2
inet6 fe80::3559:b6c1:3fc3:b8cb prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen
1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1 bytes 134 (134.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
log from openvpn client:
2021-04-01 14:57:31 net_iface_mtu_set: mtu 1500 for ovpn-dco0
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
