Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
scarab2013-09-06 14:31:14
openvpn
scarab, 2013-09-06 14:31:14

Hanging up terminal sessions and TCP segment of a reassembled PDU?

I ask for the help of a respected community, because in two weeks I broke my whole brain and the fantasy was over.
There is a remote office which goes through OpenVPN (the gateway on Linux) the terminal on screw servers.
Periodically (sometimes every 10 minutes, and sometimes 2 times a day), the entire office hangs RDP sessions. Without reconnects - just “the picture stops” (according to users), and after 20-60 seconds, work resumes.
Other offices sitting on the same server as a terminal work fine and do not experience problems. The Internet in the "problem" office during freezes works fine. Pings go stably (both to the Internet and to the openvpn server, and through the tunnel to the actual terminal server). Everything is calm in the OpenVPN logs. OpenVPN works, respectively, over TCP.
A sniff on the router with tcpdump followed by wireshark analysis revealed that during hangs there are a lot of packets marked "TCP segment of a reassembled PDU". Sniffed both the tunnel interface and the external one.
Accordingly, the question is for the network gurus: maybe someone has come across a similar one or at least can give a direction where to dig? What signs of problems can you still look for in wireshark?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
S
smartlight, 2013-09-06
@smartlight

Similar symptoms were experienced by my users who have a similar config to yours.
The case turned out to be with an hourly openvpn reconnect.
And I’ll add on my own, I compared the work of openvpn over TCP vs UDP. The responsiveness of the terminal session on UDP was many times better.

Report
T
tgz, 2013-09-06
@tgz

Change to UDP.

Report
V
Vladimir Dubrovin, 2013-09-06
@z3apa3a

The description is very similar to the so-called. the "black screen" problem in the terminal session, which is caused by the presence of a channel with a lower MTU on the packet path (in your case, a VPN connection). Those. do not pass large packages. It is treated by reducing the MTU on the terminal server.

Report
J
JDima, 2013-09-06
@JDima

during "freezes" there are a lot of packets marked "TCP segment of a reassembled PDU".

Great. Now tell me how big the fragments are and what packages they belong to.

Similar questions
A
Alexey Kostyukhin2018-10-09 16:44:28
How to setup auto-connect on boot to 2nd openvpn on linux mint 18.1? 1Reply
S
Selex2020-08-28 20:21:00
Add your VPN provider to Windows 10? 1Reply
S
slide3str2016-05-31 15:51:45
OpenVPN + noip.com, behind a gray ip? 0Reply
A
Alexander2018-11-02 15:42:24
How to implement bonding of multiple OpenVPN on ubuntu between 2 machines? 0Reply
R
Ruslan Samara2018-11-04 09:22:00
How to properly install openvpn server on the network? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question