VirtualBox

Opened 10 years ago

Last modified 9 years ago

#13967 new defect

NatNetwork limits mtu

Reported by: RobbySherwood Owned by:
Component: network/NAT Version: VirtualBox 4.3.26
Keywords: nat drop loss packet Cc:
Guest type: Linux Host type: Windows

Description

I have 4.3.26 in win7 running.

My guests are linux (redhat 5,4 5.10, opensuse 13.2, ...)

All are connected to a virtualbox NatNetwork

Inside the guests an openvpn client is started and i see, that huge packets that the openvpn client sents will be dropped. I investigated further and found out, that the highest Packet size leaving the host is 1295 bytes long.

Change History (6)

comment:1 by RobbySherwood, 10 years ago

My workaround was to set openvpn client to:

tun-mtu 1200
test-mtu

# Set log file verbosity.
verb 5

Test and finetuning is possible by openvpn mtu-test giving this log information:

Wed Mar 18 14:04:28 2015 us=301915 NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1397,1253] remote->local=[1397,1397]

comment:2 by Valery Ushakov, 10 years ago

Host type: otherWindows

comment:3 by Valery Ushakov, 10 years ago

What makes you think this problem is caused by NAT Network?

What is your host IP configuration? netsh int ip show int - will show you host MTU values.

comment:4 by epinephrine, 9 years ago

I have also observed this same behavior for quite some time (Gentoo linux guest running openvpn, host win7 with NAT). The above workaround in lowering the openvpn MTU works when "NAT Network" is used and connectivity issues are not observed while in "Bridge" mode.

Here is the requested info of the hosts MTU values.

Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
  1          50  4294967295  connected     Loopback Pseudo-Interface 1
 15          50        1500  disconnected  Wireless Network Connection
 14          20        1468  connected     Local Area Connection
 16          10        1500  connected     VirtualBox Host-Only Network

comment:5 by epinephrine, 9 years ago

man openvpn: "It's best to use the --fragment and/or --mssfix options to deal with MTU sizing issues."

'mssfix 1300' works for me WMMV

comment:6 by epinephrine, 9 years ago

When using NAT network packets fragment greater than 1482 bytes.

Openvpn is sensitive to fragmentation when running udp mode, this issue can be tested without using this application.

'hping -d xxxx -1 -c 1 foo' from guest, monitor packets from a span port.

NAT Network 14 Bytes Ethernet + 28 Bytes ICMP Header + 1440 Bytes data == 1482 Bytes on wire 14 Bytes Ethernet + 28 Bytes ICMP Header + 1441 Bytes data == 1482 Bytes on wire Fragmented ... 14 Bytes Ethernet + 28 Bytes ICMP Header + 1458 Bytes data == 1482 Bytes on wire Fragmented

Bridge Network 14 Bytes Ethernet + 28 Bytes ICMP Header + 1440 Bytes data == 1482 14 Bytes Ethernet + 28 Bytes ICMP Header + 1441 Bytes data == 1483 Bytes on wire ... 14 Bytes Ethernet + 28 Bytes ICMP Header + 1458 Bytes data == 1500 Bytes on wire

Version 0, edited 9 years ago by epinephrine (next)
Note: See TracTickets for help on using tickets.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy