Re: Question about MTU and Wireguard and the current changes

2022-01-10 Thread tlhackque

On 10-Jan-22 15:37, henning.re...@gmail.com wrote:

> Hi,
> I run into some connection trouble between two WireGuard hosts (one
> running Fedora 35, one Arch Linux). If I try to transfer large files
> through SSH (SCP or btrfs send/receive through SSH through the WireGuard
> tunnel), it gets stuck after a few bytes and nothing is transferred anymore.
>
> This has happened in the last days, so probably an update on one or both
> machines. I also saw that there are some changes on the MTU thing (if I
> remember correctly, a per-peer MTU is configurable).
>
> However, my first try was to just set the MTU to a lower number (MTU =
> 1200) and yes, scp works again.
> Okay, so I did the good old ping test: "ping -M do -s $SIZE -c 1
> 172.16.0.2" with $SIZE increasing. And that surprised me. It works
> up to a size of 36932 bytes. Checked with WireGuard and "MTU = 36932"
> and yes, scp is still working.
>
> Can somebody explain why the old default setting of "65456" doesn't
> work anymore but the MTU can be set to much higher values than typical ones?
>
> Thanks
> Henning

Guess: Fragmentation happens somewhere and fragments are blocked at your 
router/firewall/host.  Blocking fragments is a common, if misguided, 
"security enhancement".


A packet trace would provide the necessary clues in any case.

Wireshark is a convenient way to get one.





Question about MTU and Wireguard and the current changes

2022-01-10 Thread henning . reich

Hi,
I run into some connection trouble between two WireGuard hosts (one 
running Fedora 35, one Arch Linux). If I try to transfer large files 
through SSH (SCP or btrfs send/receive through SSH through the WireGuard 
tunnel), it gets stuck after a few bytes and nothing is transferred anymore.


This has happened in the last days, so probably an update on one or both 
machines. I also saw that there are some changes on the MTU thing (if I 
remember correctly, a per-peer MTU is configurable).


However, my first try was to just set the MTU to a lower number (MTU = 
1200) and yes, scp works again.
Okay, so I did the good old ping test: "ping -M do -s $SIZE -c 1 
172.16.0.2" with $SIZE increasing. And that surprised me. It works up to 
a size of 36932 bytes. Checked with WireGuard and "MTU = 36932" and 
yes, scp is still working.


Can somebody explain why the old default setting of "65456" doesn't 
work anymore but the MTU can be set to much higher values than typical ones?


Thanks
Henning
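
The ping test from the thread, automated as a binary search (an added example, not part of the thread; `find_max_payload`, `probe_ping`, `payload_to_packet` and the script name `df_probe.sh` are hypothetical, and Linux iputils `ping` is assumed). Pointed at the tunnel address it repeats the test above; pointed at the peer's public endpoint it reports the largest packet the underlay carries unfragmented, which is the number the fragmentation guess depends on.

```shell
#!/usr/bin/env bash
# Added example: binary search for the largest ping payload that gets through
# with the Don't Fragment bit set. Helper names are made up for this example.

# probe_ping TARGET SIZE: the thread's ping test for one size (Linux iputils).
probe_ping() {
    ping -M do -s "$2" -c 1 -W 2 "$1" >/dev/null 2>&1
}

# find_max_payload TARGET LO HI [PROBE]
# Prints the largest size in [LO, HI] that PROBE accepts; returns 1 if even
# LO fails (host down, ICMP filtered). Assumes that if a size fails, every
# larger size fails too.
find_max_payload() {
    local target="$1" lo="$2" hi="$3" probe="${4:-probe_ping}" mid
    "$probe" "$target" "$lo" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "$probe" "$target" "$mid"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$lo"
}

# payload_to_packet SIZE [IP_HEADER]: on-the-wire IP packet size for an echo
# with SIZE payload bytes: payload + 8 (ICMP header) + 20 (IPv4) or 40 (IPv6).
payload_to_packet() {
    echo $(( $1 + 8 + ${2:-20} ))
}

# Run as: ./df_probe.sh 172.16.0.2 [LO] [HI]
if [ "$#" -ge 1 ]; then
    max=$(find_max_payload "$1" "${2:-0}" "${3:-65507}") || {
        echo "no reply from $1 even at the smallest size" >&2
        exit 1
    }
    echo "largest DF payload to $1: $max bytes," \
         "IPv4 packet size $(payload_to_packet "$max")"
fi
```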