I installed OpenVPN 2.4.12 on an Ubuntu 20.04 system and built an OpenVPN tunnel for transmitting files between clients in an encrypted tunnel.
Configuration of Clients and Server:
But I encountered a problem: whether the tunnel is established using UDP or TCP, some of our files will always fail to transfer under the OpenVPN tunnel.
Both clients use the UDP protocol to transfer files. The UDP tool used by the file sending end sends the file (10108 bytes) directly through a tunnel without subcontracting the file data. By using Wireshark to capture traffic, it can be seen that the sender has already sent out the file. At this point, due to the data of the file exceeding the path MTU, the file will inevitably be sharded by the IP layer and transmitted to the receiving end through a tunnel. Due to the failure of the receiving end to receive the file, I grabbed the traffic from the receiving end's tun interface and found that although all the shard packets were received, the UDP reassembly packet was not received. As a result, even if all shards are received, the receiving end still cannot receive them in the absence of reassembly packets.
At first, I thought it was a problem with my server, so I replaced it with another server and installed 2.4.6 in Ubuntu 20.04. I found that the same file transfer failed.
I compared the use of other L3 VPN IPsec tunnels (ESP mode) to transfer this file, and we found that it can be successfully transmitted to the file receiving end through the IPsec encryption tunnel.
Sender:
Receiver:
I have tried changing the MTU and using OpenVPN's automatic detection function, but none of them have solved my problem. So I am seeking help here. Thank you very much!
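The fragmentation and reassembly described in the post, worked through as an added example that is not part of the original post: it plans the IPv4 fragments for the 10108-byte UDP datagram and checks whether a set of captured fragments (for example, read off a tun-interface capture) would reassemble. The 1500-byte MTU and the fragment lists are assumed sample values; the post does not state its MTU.

```python
# Added example: IPv4 fragmentation arithmetic for one large UDP datagram.
# The MTU value and the "captured" fragment lists are constructed assumptions.
IP_HDR = 20   # IPv4 header without options
UDP_HDR = 8   # UDP header, carried only in the first fragment

def fragment_plan(udp_payload_len, mtu):
    """Return [(offset_bytes, data_len, more_fragments)] for one UDP datagram."""
    total = UDP_HDR + udp_payload_len        # IP payload that has to be split
    per_frag = (mtu - IP_HDR) // 8 * 8       # non-final fragments carry a multiple of 8 bytes
    plan, off = [], 0
    while off < total:
        n = min(per_frag, total - off)
        plan.append((off, n, off + n < total))
        off += n
    return plan

def reassembly_status(fragments):
    """Check fragments (offset, len, mf) sharing one IP ID for completeness.

    Returns ("complete", total_len) or ("incomplete", reason).
    """
    frags = sorted(set(fragments))           # duplicates do not matter
    if not any(not mf for _, _, mf in frags):
        return ("incomplete", "final fragment (MF=0) missing")
    expected = 0
    for off, n, _ in frags:
        if off > expected:                   # gap before this fragment
            return ("incomplete", f"hole at bytes {expected}-{off - 1}")
        expected = max(expected, off + n)
    return ("complete", expected)

if __name__ == "__main__":
    plan = fragment_plan(10108, 1500)        # 10108 bytes is the file size from the post
    for off, n, mf in plan:
        print(f"offset={off:5d} len={n:4d} MF={int(mf)}")
    print(reassembly_status(plan))
    # Constructed capture with the third fragment missing
    print(reassembly_status(plan[:2] + plan[3:]))
```

Comparing the offsets and MF flags seen on the receiver's tun interface against this plan shows whether the kernel had every byte it needed to reassemble the datagram.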