Summary: | net-misc/openconnect-4.07 - after 30 minutes the VPN reconnects but only has a partially working connection | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Matthew Schultz <mattsch> |
Component: | New packages | Assignee: | Matthew Schultz <mattsch> |
Status: | RESOLVED CANTFIX | ||
Severity: | normal | CC: | hasufell, martin.dummer, proxy-maint |
Priority: | Normal | Keywords: | UPSTREAM |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.infradead.org/openconnect/ | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Matthew Schultz
2012-12-05 19:27:12 UTC
Workaround in the mean time: Restart the service every 30 minutes manually (you can use the init script) --or-- Copy the 4.07 ebuild to your local portage overlay and rename it to 3.20, then change these lines: $(use_enable nls ) \ $(use_with openssl ) \ $(use_with gnutls ) to: $(use_enable nls ) Note that when downgrading, you will lose gnutls support and you must use openssl. It appears the default MTU is set too low. Overriding the default and setting it to --mtu 1406 seems to keep the connection more stable. I'm still working with upstream to see what they can do about this. I never had this problem, I'm using openconnect more than 12 months several hours a week, some days 6 hours and longer without interruption. The MTU of the tun0 interface is 1300 for my config, I don't know how to set this so I assume it's a configuration information coming from the server side. Just for information: the underlying ppp0 or eth0 interfaces (depending of the internet connection type) have both MTU 1500. (In reply to comment #3) > I never had this problem, I'm using openconnect more than 12 months several > hours a week, some days 6 hours and longer without interruption. > The MTU of the tun0 interface is 1300 for my config, I don't know how to set > this so I assume it's a configuration information coming from the server > side. > Just for information: the underlying ppp0 or eth0 interfaces (depending of > the internet connection type) have both MTU 1500. My MTU defaults to 951 if I don't set it. The MTU for the vpn is defined in the tun interface. When you want to override the MTU, you just set it in vpnopts_(vpn tunnel name) like this: vpnopts_vpn0="--mtu 1406 ...other flags" 1406 seems to be the maximum MTU allowed. I haven't had any problems when I override the MTU and set it to this when testing. I'm still trying to get information from upstream as to why the default MTU is so low. is this still present with 4.08 or 5.01? I'm no longer able to test this since I don't have access to an anyconnect vpn anymore and since nobody else has had this problem, I'm closing this bug. |