服务端版本:Debian GNU/Linux 7.3 , 2.3.2-7~bpo70+2
客户端版本:CentOS Linux release 7.4.1708 (Core) ,openvpn-2.4.6
Wed May 23 11:15:06 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:12 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:13 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:14 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:28 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:29 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:30 2018 TCP/UDP packet too large on write to [AF_INET]43.251.159.103:6919 (tried=636,max=618) Wed May 23 11:15:58 2018 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Wed May 23 11:15:58 2018 TLS Error: TLS handshake failed
普通浏览网页或ssh登录远程服务器正常,但是发送较大的文件就会出现上面错误,
开始以为MTU值设置过大导致,由默认1500修改为576,可以缓解断线的出现的时间,但最终还是会出现断线。百度以上错误,但是没有收到以上错误,google后到官网搜到官网上有一篇关于这个错误的网页,由于英文不太好,也没有找到原因,网页上介绍大概也是调整MTU值。在测试服务端和客户端都在centos下使用openvpn2.4.5的情况下正常。猜测和版本有关系,将客户端将至openvpn-2.2.2后,配置MTU值为576使用正常,没有出现过断线,但是调整为1500还会出现上面的错误。特此记录一下备忘。
文章来源: openvpn大包断线问题处理