<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: <cipe-l,AT,inka,DOT,de>
Subject: Re: Cipe 1.6.0 VPN stalled if big file are transferred
From: "Giacomo Gorgellino" <giacomo.gorgellino,AT,contisoft,DOT,it>
Date: Fri, 3 Mar 2006 15:18:46 +0100
References: <007a01c63ea4$52653180$4b2c66ad@contisoft> <440811AC.504@bank-connect.com> <00ab01c63eaf$1cd248e0$4b2c66ad@contisoft> <440845FB.3020601@bank-connect.com>
Reply-to: "Giacomo Gorgellino" <giacomo.gorgellino,AT,contisoft,DOT,it>

> >>Make sure your firewall allows ICMP in and out.
>
> > In which device my firewall must allows ICMP in and out ? in the "adsl"
> > interface or in the cipcb one ?
>
> Dsl is essential here. If you want you can be selective (search the
> archives or firewalling articles). It would be best to allow those on
> the tunnel too.
>
> PS. I read the list, no need to CC me.
>
> -- 
> Regards, Peter
>
>

I've enabled ICMP on the two endpoints but the problem still remain. I think
I have to make other test...
I found that when scp goes in stall, also other connection on the VPN go
down (i've tried with icmp ping and telnet sessions) and after some seconds
every connection return up and running.

May be some kernel configuration like the default and max recive window size
? I have all defaults configuration but not for those:
/proc/sys/net/ipv4/ip_conntrack_max 65536
/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts 1
/proc/sys/net/ipv4/icmp_ignore_bogus_error_responses 1
/proc/sys/net/ipv4/conf/all/secure_redirects 1
/proc/sys/net/ipv4/conf/all/send_redirects 1
/proc/sys/net/ipv4/tcp_syncookies 1
/proc/sys/net/ipv4/conf/all/accept_source_route 1
/proc/sys/net/ipv4/conf/all/forwarding 1
/proc/sys/net/ipv4/conf/all/log_martians 0
/proc/sys/net/ipv4/conf/all/rp_filter 0

PS: sorry for the CC, this is my first list

-Giacomo-


<< | Thread Index | >> ]    [ << | Date Index | >> ]