
Падает openvpn



При пинге, отличном по размеру от стандартного размера пакета ICMP, например ping $host -l 1400 :) падает openvpn-соединение между серваком и клиентом. Вот конфиг сервера и клиента -
# Client-side OpenVPN configuration (it uses the client1 certificate and the
# `client` directive).
daemon openvpn
# Drop root privileges once initialisation is done.
user nobody
group nobody
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client1.crt
key /etc/openvpn/client1.key
# HMAC protection of the TLS control channel; key direction 1 here pairs with
# direction 0 in the server config on this page.
tls-auth /etc/openvpn/ta.key 1
dev tun
client
remote xxx.xxx.xxx.xxx
tls-client
# Requires the peer certificate to carry the Netscape "server" type, so that
# another client's certificate cannot be used to pose as the server.
# NOTE(review): later OpenVPN releases replace this with remote-cert-tls server.
ns-cert-type server
# TCP transport; the older config on this page that works uses proto udp.
proto tcp-client
port 5001
# NOTE(review): the restart timeout (5 s) is shorter than the ping interval
# (15 s). The server's keepalive 10 120 presumably pushes its own values over
# these; confirm which ones are actually in effect.
ping 15
ping-restart 5
ping-timer-rem
# LZO compression, also enabled in the server config.
# NOTE(review): compressing before encryption can leak information about the
# plaintext; confirm it is really needed.
comp-lzo
# NOTE(review): tun-mtu, tun-mtu-extra and mssfix are set only here, not in the
# server config on this page. Mismatched MTU settings between the peers are a
# plausible cause of large packets stalling; confirm both ends agree.
tun-mtu 1500
tun-mtu-extra 32
# Keep the tun device and key material across restarts; after the privilege
# drop above, user nobody presumably could not reopen them.
persist-tun
persist-key
# mssfix equal to tun-mtu presumably does not reduce TCP segment sizes; the
# trailing comment suggests 1450 was tried as well.
mssfix 1500 #1450
# Debug-level verbosity: this is what produces the per-packet READ/WRITE lines
# in the client log.
verb 6
log /var/log/openvpn.log

Сервер

# Server-side OpenVPN configuration (multi-client `server` mode, VPN subnet
# 10.1.0.0/255.255.255.0).
daemon openvpn
dev tun
server 10.1.0.0 255.255.255.0
# Routes pushed to every connecting client.
push "route 10.1.0.0 255.255.255.0"
push "route 192.168.0.0 255.255.255.0"
push "route 192.168.8.0 255.255.255.0"
push "route 192.168.7.0 255.255.255.0"
# Local routes into the tunnel. NOTE(review): presumably matched by iroute
# entries in the ccd files, which are not shown here.
route 192.168.8.0 255.255.255.0
route 192.168.7.0 255.255.255.0
# Clients may exchange traffic with each other.
# NOTE(review): OpenVPN forwards this traffic internally, so firewall rules on
# the host's tun interface do not see it; confirm that is intended.
client-to-client
client-config-dir /etc/openvpn/ccd
tls-server
# TCP transport; the older config on this page that works uses proto udp.
proto tcp-server
port 5001
# Drop root privileges once initialisation is done.
user nobody
group nobody
# NOTE(review): compressing before encryption can leak information about the
# plaintext; confirm it is really needed.
comp-lzo
# Keep the tun device and key material across restarts; after the privilege
# drop above, user nobody presumably could not reopen them.
persist-tun
persist-key
keepalive 10 120
verb 4
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
# NOTE(review): judging by the file name these are 1024-bit DH parameters,
# which are considered too weak today; regenerate with at least 2048 bits.
dh /etc/openvpn/dh1024.pem
# HMAC protection of the TLS control channel; key direction 0 here pairs with
# direction 1 in the client config on this page.
tls-auth /etc/openvpn/ta.key 0
Лог на стороне клиента:
Sat Dec 9 19:28:41 2006 us=32146 TUN READ [78]
Sat Dec 9 19:28:41 2006 us=32186 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:28:41 2006 us=37042 TCPv4_CLIENT READ [125] from 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=124
Sat Dec 9 19:28:41 2006 us=37076 TUN WRITE [84]
Sat Dec 9 19:28:47 2006 us=594935 TUN READ [78]
Sat Dec 9 19:28:47 2006 us=594989 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:28:47 2006 us=601865 TCPv4_CLIENT READ [125] from 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=124
Sat Dec 9 19:28:47 2006 us=601904 TUN WRITE [84]
Sat Dec 9 19:28:57 2006 us=184470 TCPv4_CLIENT READ [53] from 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:28:57 2006 us=184595 TCPv4_CLIENT WRITE [53] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:29:07 2006 us=245056 TCPv4_CLIENT READ [53] from 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:29:07 2006 us=245135 TCPv4_CLIENT WRITE [53] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:29:10 2006 us=733681 TCPv4_CLIENT READ [125] from 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=124
Sat Dec 9 19:29:10 2006 us=733730 TUN WRITE [84]
Sat Dec 9 19:29:10 2006 us=751356 TUN READ [84]
Sat Dec 9 19:29:10 2006 us=751399 TCPv4_CLIENT WRITE [125] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=124
Sat Dec 9 19:29:20 2006 us=243304 TCPv4_CLIENT WRITE [53] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:29:30 2006 us=395941 TCPv4_CLIENT WRITE [53] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=52
Sat Dec 9 19:29:34 2006 us=359208 TUN READ [78]
Sat Dec 9 19:29:34 2006 us=359267 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:34 2006 us=359443 TUN READ [78]
Sat Dec 9 19:29:34 2006 us=359482 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:34 2006 us=361251 TUN READ [78]
Sat Dec 9 19:29:34 2006 us=361288 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:34 2006 us=789302 TUN READ [78]
Sat Dec 9 19:29:34 2006 us=789346 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:35 2006 us=853565 TUN READ [78]
Sat Dec 9 19:29:35 2006 us=853616 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:35 2006 us=853720 TUN READ [78]
Sat Dec 9 19:29:35 2006 us=853757 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:35 2006 us=853787 TUN READ [78]
Sat Dec 9 19:29:35 2006 us=853823 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116
Sat Dec 9 19:29:36 2006 us=275341 TUN READ [78]
Sat Dec 9 19:29:36 2006 us=275389 TCPv4_CLIENT WRITE [117] to 195.128.49.98:5001: P_DATA_V1 kid=0 DATA len=116

По 14000 (также по 1400 и др.) 1 пакет проходит, и потом всё... висняк. Потом соединение через какое-то время само поднимается =)


Вдогонку... Файлы большого размера (>1mb) тоже хрен передашь, виснет передача данных... Уже с разными опциями игрался, один хрен, так сказать...
Поставил свой старый конфиг для сервера и клиента - всё работает, вот они:
openvpn.conf.08.12.2006
# Older server config: a point-to-point tunnel (static ifconfig pair) over UDP,
# which the poster reports as working.
# NOTE(review): there is no tls-auth and no user/group line here, so the
# control channel has no extra HMAC layer and the daemon keeps the privileges
# it was started with.
tls-server
local xxx.xxx.xxx.xxx
ifconfig 10.1.0.2 10.1.0.1
port 1194
proto udp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
# NOTE(review): judging by the file name these are 1024-bit DH parameters,
# which are considered too weak today; regenerate with at least 2048 bits.
dh /etc/openvpn/dh1024.pem
route 192.168.8.0 255.255.255.0
keepalive 10 120
# NOTE(review): compressing before encryption can leak information about the
# plaintext; confirm it is really needed.
comp-lzo
persist-key
persist-tun
status /var/log/openvpn-status.log
# Debug-level verbosity.
verb 6

# Older client config for the point-to-point tunnel; the ifconfig pair mirrors
# the older server config on this page.
# NOTE(review): no proto line, so the transport is presumably the default (UDP,
# matching the older server config); confirm.
# NOTE(review): there is no tls-auth and no ns-cert-type line here, so the
# control channel has no extra HMAC layer and the type of the server's
# certificate is not checked.
dev tun
route 192.168.0.0 255.255.255.0
remote xxx.xxx.xxx.xxx
ifconfig 10.1.0.1 10.1.0.2
tls-client
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client1.crt
key /etc/openvpn/client1.key
port 1194
# Drop root privileges once initialisation is done.
user nobody
group nobody
# NOTE(review): compressing before encryption can leak information about the
# plaintext; confirm it is really needed.
comp-lzo
# Ping every 15 s and restart after 45 s without a ping from the peer.
ping 15
ping-restart 45
ping-timer-rem
# Keep the tun device and key material across restarts; after the privilege
# drop above, user nobody presumably could not reopen them.
persist-tun
persist-key
verb 3
log /var/log/openvpn.log

gizmo
() автор топика