-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Check the tcp metrics (ip tcp_metrics) and look at the MSS.
On 19.09.2017 16:57, Turbo Fredriksson wrote: > This is spooky!! > > I ran > > ip link set dev eth0 mtu 1500 > > on all > instances in the chain. Then run > > iptables -A FORWARD -p tcp -m tcp > --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu > iptables -A FORWARD > -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 128 > > on both the > VPN instances. > > Still didn’t work. > > I then reverted all that, set the > MTU on the interface BACK to 9001 on > all the instances AND deleted those > iptable rules - s/-A/-D/g, and all of > a sudden it worked!! > > Very spooky! > -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENSSTvrX3jmMTcq8t9U7kCwc5rWwFAlnBMRwACgkQ9U7kCwc5 rWyFfBAAtfCIhBSsDXaMC6iujgW9i4AN8E37Bn2mACUQS0Z3jUlv1tYP7e5q+Jsr E5v6Vh6ZMRwx4qk/mMBB6GqaaggpBFQOglnaF+bAK3lcdEl1adrFsnkUjpomZf4a MjKty84vLytK7qRTuegHmg4cRS0qM6EONMD5FddcgbkMsi7P+LLbjkYy5cX2r5UC tOXmcy3ribjp0mr49gIQGLC1Lf/S7cdOs2mXTcCWxnB0j0UB/X6K38SdAMBXatIC 4SsNLNHbjkLMXhOcy6vvKGZpnfeEBgbmDLw7zRYkHhsDsCGhhqT9xWJc19U6ZpGe +mPANtJTeytPPWTMYzErNVoEo9asLtwUveEA3NHY47Q5DxFRFVx7qpjqcI8co4w9 CrqElRMo3abEbVXLQ2B4spvpEdlTIdvMS9XW7rJQPEOkurmDv7UjJof828x6Pv+J EcQT0gUvi6QcaD3w7BiK4Jr43cUIrWCtP5OuMTKDHb4tw2yICxMUJZRXKlX1nhBv 0RHpLh7DI5z3kEcbmMUBV1Yn3a9rVsneIljOm7HkWEoJ+Q7gjTTyThmeO8uHhkCx aj+ts7Wzpie4pygxD5FoMRShZQ9/dbhz51+l4amV3YJeB4MwmGz/KqjTcc0HxM38 PIp7Hk/TFU7bAm2AZDNDv2HOSWRBUSoclEpjNjWrLr4jf7FAITg= =dVpj -----END PGP SIGNATURE-----
