Howdy:
I have a openbsd 5.5 Release box running a busy UDP openvpn endpoint
with a 100Mbit circuit. We tunnel SIP traffic, et al, through the openvpn.
It's setup with PF, CARP, and IPSEC. We have done little to tune the OS.
A couple of months ago running 5.2 (we are since upgraded to 5.5 and we
On Fri, Jul 18, 2014 at 09:36:23AM +, Stuart Henderson wrote:
> On 2014-07-17, Darryl Wisneski wrote:
> > netstat -s -p udp |grep "dropped due to full socket"
> > 345197 dropped due to full socket buffers
>
> We're assuming this relates to openvpn packe
> > We are not tuning for fragmentation, nor are we setting mtu on
> > the endpoint.
>
> Doing that might be worth a try. i.e. try to avoid sending UDP packets
> that require extra kernel work (i.e. fragmentation) seeing as openvpn can
> handle that itself.
We messed around with MTU, inside OpenV
On Mon, Jul 28, 2014 at 11:21:46PM -0400, sven falempin wrote:
> On Mon, Jul 28, 2014 at 11:19 PM, Leonardo Santagostini
> wrote:
> > Maybe puppet?
> >
>
> where are you storing the change history ?
>
My colleague and I (ab)use mercurial to this end, then blast the
configs out with ansible. An
> without full debugging it is not possible to know which
> component is failing in the chain. it's just that
> there is a lot of ongoing work on SSL in openbsd,
> so i thought i might bring it up here as the error
> message specifically mentioned SSL.
>
This is not an openbsd issue at all.
I
5 matches
Mail list logo
