[Openswan Users] MySQL over Openswan VPN tunnel

Simon Deziel simon at xelerance.com
Wed Feb 12 22:47:53 EST 2014 

Oups, sorry, this one should not complain:

 iptables -t mangle -I POSTROUTING -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu

On 14-02-12 06:56 PM, Christopher Slagel wrote:
> Responds with the following:
> 
> [root at noxmail1 ~]# iptables -I OUTPUT -p tcp -j TCPMSS --clamp-mss-to-pmtu
> iptables: Invalid argument. Run `dmesg' for more information.
> 
> 
> 
> 
> 
> On 2/12/14, 3:25 PM, "Simon Deziel" <simon at xelerance.com> wrote:
> 
>> You can try this:
>>
>>  iptables -I OUTPUT -p tcp -j TCPMSS --clamp-mss-to-pmtu
>>
>>
>>
>>
>> On 14-02-12 06:17 PM, Christopher Slagel wrote:
>>> Simon, as an update, it looks like it’s BETTER but still having some
>>> problems.  Small queries are now working, but anything over 1 row still
>>> seems to hang.  I’ve tried lowering the MTU a bit more a couple times
>>> and
>>> still no luck.
>>>
>>>
>>>
>>>
>>>
>>> On 2/12/14, 12:56 PM, "Simon Deziel" <simon at xelerance.com> wrote:
>>>
>>>> You can first try with running "sudo ifconfig eth0 mtu 1400" directly
>>>> on
>>>> the console. This setting will not survive a reboot of course.
>>>>
>>>> On 14-02-12 03:53 PM, Christopher Slagel wrote:
>>>>> Thanks Simon.  Through some research I found that that might be the
>>>>> issue,
>>>>> and I¹ve tried editing our /etc/sysconfig/network-scripts/ifcfg-eth0
>>>>> files
>>>>> and messing with the MTU (adding MTU=³xyz²), but don¹t seem to be
>>>>> having
>>>>> any success.  Is there another way I should try messing with the MTU?
>>>>>
>>>>>
>>>>>
>>>>> On 2/12/14, 12:50 PM, "Simon Deziel" <simon at xelerance.com> wrote:
>>>>>
>>>>>> Hi Christopher,
>>>>>>
>>>>>> The problem you describe could well be related to a MTU issue. I'd
>>>>>> try
>>>>>> setting a MTU of say 1400 and see if things start working.
>>>>>>
>>>>>> HTH,
>>>>>> Simon
>>>>>>
>>>>>> On 14-02-12 03:38 PM, Christopher Slagel wrote:
>>>>>>> We have a VPN tunnel with Openswan between two AWS regions and our
>>>>>>> colo
>>>>>>> facility (Used AWS¹s
>>>>>>> guide: http://aws.amazon.com/articles/5472675506466066).  Regular
>>>>>>> usage
>>>>>>> works OK, but we are having some MySQL issues over the tunnel
>>>>>>> between
>>>>>>> all areas.  Using mysql command line client on a linux server works,
>>>>>>> but
>>>>>>> trying to connect using the MySQL Connector J it basically stallsŠ
>>>>>>> it
>>>>>>> seems to open the connection, but then gets stuck.  It doesn't get
>>>>>>> denied or anything, just hangs there.  Logging isn¹t picking up
>>>>>>> anything
>>>>>>> at all and usually very verbose about errors.  Any input as to what
>>>>>>> we
>>>>>>> can do to fix this/improve the connections would be appreciated.
>>>>>>> Thanks.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> Users at lists.openswan.org
>>>>>>> https://lists.openswan.org/mailman/listinfo/users
>>>>>>> Micropayments:
>>>>>>> https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>>>>>>> Building and Integrating Virtual Private Networks with Openswan:
>>>>>>>
>>>>>>>
>>>>>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283
>>>>>>> 15
>>>>>>> 5
>>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Users at lists.openswan.org
>>>>>> https://lists.openswan.org/mailman/listinfo/users
>>>>>> Micropayments:
>>>>>> https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>>>>>> Building and Integrating Virtual Private Networks with Openswan:
>>>>>>
>>>>>>
>>>>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=2831
>>>>>> 55
>>>>>
>>>>>
>>>>
>>>
>>>
>>
> 
>

More information about the Users mailing list