On 10-Jan-22 15:37, henning.re...@gmail.com wrote:
Guess: Fragmentation happens somewhere and fragments are blocked at your router/firewall/host. Blocking fragments is a common, if misguided, "security enhancement".Hi,I run in some connection troubles between two wireguards host (one running fedora 35, one arch linux). If I tried to transfer large files through SSH (SCP or btrfs send/receive thorugh ssh through wireguard tunnel) it stucks after a few byte and nothing transfered anymore.This happens in the last days, so probably an update on one or both machines. I also saw, that there some changes on the MTU thing (If I remember correctly, a per peer MTU is configurable)However. My first try was just set the MTU to a lower number (MTU = 1200) and yes, scp works again. Okay, so I did the good old ping test. "ping -M do -s $SIZE -c 1 172.16.0.2" with $SIZE increasing. And that surprised me. It works until an Size of 36932 Bytes. Checked with wireguard and "MTU = 36932" and yes, scp still working.Can somebody explain, why the old default setting of "65456" doesn't work anymore but the MTU can set to much higher values as typical ones?Thanks Henning
A packet trace would provide the necessary clues in any case. Wireshark is a convenient way to get one.
OpenPGP_signature
Description: OpenPGP digital signature
