0

A customer is having issue with our system and after investigating and analyzing tcp traffic with tcpdump, I noticed that fragmented packets were not received by our cloud server (OVH).

I did some tests:

  1. Changed the cloud server address to our old one (Azure), and everything was working fine!
  2. Reverted back the server to production server and again, fragmented packets are not received.
  3. Modified the MTU from 1500 to 1492 on the customer system, and now it's working perfectly!

Why MTU size is affecting communication for one server and not the other? This customer is using verizon hotspot, I saw something similar at another customer using Satellite connection (Xplornet)

JPelletier
  • 111
  • 4
  • Did you trace the route from the client to both servers? I suspect that the path is different and that's why you're seeing this difference between the old and new servers. – joeqwerty Jan 10 '18 at 17:18
  • 1
    A simple test would be to use the evaluation trial of PingPlotter, and use the TCP packet type (for the protocol/port you use), with the expected packet size, and uncheck the fragment box. It may show you in the graph where in the route the MTU is dropped. https://www.pingplotter.com/manual/packetoptions.html – Greg Askew Jan 10 '18 at 17:28
  • @joeqwerty yes i did, path is different since one is on Azure and the other one OVH but doesn't help me – JPelletier Jan 10 '18 at 17:46
  • @GregAskew I need something for Ubuntu Server, any idea ? – JPelletier Jan 10 '18 at 17:46
  • iPerf?......... – joeqwerty Jan 10 '18 at 21:08
  • @joeqwerty Doesn't help, give me "MSS size 1440 bytes (MTU 1500 bytes, ethernet)" but I still want to understand why I have packets loss with a specific host when I keep default MTU on my ubuntu server – JPelletier Jan 11 '18 at 14:07
  • Have you asked OVH whether they drop fragments by policy? (e.g. firewall) – marctxk Jan 11 '18 at 14:19
  • @marctxk We have about 300 customers connected to that server without any issue, and reducing MTU doesn't eliminate fragments – JPelletier Jan 11 '18 at 14:45
  • Reducing MTU on a sending host sufficiently will eliminate fragments, full stop. If the three hundred customers are not complaining then they are totally irrelevant to the customer that is. They might have PMTUD configured. Your problem customer may not. They may have properly configured LANs\WANs,who knows? You've said that reducing MTU eliminates the problem. Fragmentation is considered a security risk and I've seen plenty of firewalls that are configured to drop all fragmented datagrams. If it were my problem, I'd ask OVH, but it's not. – marctxk Jan 11 '18 at 15:46

0 Answers0