I changed WLAN on my laptop to use DHCP (instead of a static address), but then SSH does not work anymore.
It gets that far:
and there it hangs forever.
After the WLAN is up and configured, I start a VPN tunnel, and then I start the SSH connections into the VPN tunnel. When changing the WLAN back to static IP, things do work again.
This is the difference in ifconfig:
Looking closer...
The ssh sends packets into the tunnel, but does not get an answer:
The VPN sends packets onto the WLAN, but does not get an answer (mtu 1500, so these packets are oversized and fragmented by the kernel):
The packets come out of the WLAN, but the second fragment have disappeared:
It seems like the WLAN router would swallow the fragments.
But then, when I stop the VPN, do
It gets that far:
Code:
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
After the WLAN is up and configured, I start a VPN tunnel, and then I start the SSH connections into the VPN tunnel. When changing the WLAN back to static IP, things do work again.
This is the difference in ifconfig:
Code:
< deftxkey UNDEF AES-CCM 4:128-bit txpower 30 bmiss 7 scanvalid 60
---
> deftxkey UNDEF AES-CCM 3:128-bit txpower 30 bmiss 7 scanvalid 60
Looking closer...
The ssh sends packets into the tunnel, but does not get an answer:
Code:
13:59:37.628988 IP6 fd00::8101.22 > fd00::1206.52465: Flags [.], ack 39, win 1035, options [nop,nop,TS val 2549388454 ecr 1397418994,nop,nop,sack 1 {1467:2823}], length 0
13:59:37.816797 IP6 fd00::1206.52465 > fd00::8101.22: Flags [.], seq 39:1467, ack 1167, win 1035, options [nop,nop,TS val 1397419694 ecr 2549388454], length 1428
13:59:38.586798 IP6 fd00::1206.52465 > fd00::8101.22: Flags [.], seq 39:1467, ack 1167, win 1035, options [nop,nop,TS val 1397420464 ecr 2549388454], length 1428
13:59:39.926798 IP6 fd00::1206.52465 > fd00::8101.22: Flags [.], seq 39:1467, ack 1167, win 1035, options [nop,nop,TS val 1397421804 ecr 2549388454], length 1428
13:59:42.406794 IP6 fd00::1206.52465 > fd00::8101.22: Flags [.], seq 39:1467, ack 1167, win 1035, options [nop,nop,TS val 1397424284 ecr 2549388454], length 1428
The VPN sends packets onto the WLAN, but does not get an answer (mtu 1500, so these packets are oversized and fragmented by the kernel):
Code:
13:59:37.628865 IP 89.163.152.223.5006 > 192.168.96.100.8211: UDP, length 124
13:59:37.816913 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:37.816925 IP 192.168.96.100 > 89.163.152.223: ip-proto-17
13:59:38.587478 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:38.587495 IP 192.168.96.100 > 89.163.152.223: ip-proto-17
13:59:39.927526 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:39.927541 IP 192.168.96.100 > 89.163.152.223: ip-proto-17
13:59:42.407551 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:42.407567 IP 192.168.96.100 > 89.163.152.223: ip-proto-17
The packets come out of the WLAN, but the second fragment have disappeared:
Code:
13:59:37.901638 IP 89.163.152.223.5006 > 192.168.96.100.8211: UDP, length 124
13:59:38.093897 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:38.865314 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:40.204777 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
13:59:42.684859 IP 192.168.96.100.8211 > 89.163.152.223.5006: UDP, bad length 1540 > 1472
It seems like the WLAN router would swallow the fragments.
But then, when I stop the VPN, do
service netif wlan0 stop
, start it again without the DHCP option (and manually configure the same IP-address) and start the VPN again, then the fragments come out of the WLAN and the connection works. Reproducibly.
Last edited: