[RndTbl] double-natted ssh weirdness

Trevor Cordes trevor at tecnopolis.ca
Sun Mar 17 16:35:02 CDT 2024


On 2024-03-15 Adam Thompson wrote:
> Also if you want to be sure of avoiding all MSS issues, aim low, like
> 1024, instead of "just low enough" like 1396.  You won't likely be
> able to measure the difference. -Adam

I did try lowering it a bit more.  It turns out there were 2 problems
(as usual): the MTU issue *and* some intermediate router in the
double-NAT had a really short conntrack keepalive.  The latter was the
fine-now-pauses-later problem and was overcome by setting stricter
keepalive settings on sshd.  (Should have remembered this, as I'm sure
I've seen that before.)

All works great now!
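
Added example, not part of the original post: a small shell check that reads the effective server settings in the format printed by `sshd -T` and reports whether `ClientAliveInterval` probes are frequent enough to keep an idle session alive through a NAT hop with a short conntrack timeout. The 60-second timeout and both sample configurations are assumptions; the thread does not give the values that were used.

```shell
# Audit sshd keepalive settings against a NAT/conntrack idle timeout.
# stdin: text in `sshd -T` format (lowercase keyword, then value).
# $1:    idle timeout in seconds of the tightest NAT hop (assumed; measure it).
# Returns 0 if keepalives are frequent enough, 1 otherwise.
# Real use, as root:  sshd -T | check_keepalive 60
check_keepalive() {
    nat_timeout=$1
    interval=0      # sshd default: encrypted-channel keepalives disabled
    countmax=3      # sshd default
    tcpka=yes       # sshd default
    while read -r key value _; do
        case $key in
            clientaliveinterval) interval=$value ;;
            clientalivecountmax) countmax=$value ;;
            tcpkeepalive)        tcpka=$value ;;
        esac
    done
    if [ "$interval" -eq 0 ]; then
        # TCP keepalive alone usually fires far too late (Linux default: 2 hours)
        echo "FAIL: clientaliveinterval is 0; only tcpkeepalive=$tcpka remains"
        return 1
    fi
    # Require two probes inside the idle window so one lost packet is tolerated.
    if [ $((interval * 2)) -gt "$nat_timeout" ]; then
        echo "FAIL: interval ${interval}s is too long for a ${nat_timeout}s NAT timeout"
        return 1
    fi
    echo "OK: probe every ${interval}s, dead peer dropped after $((interval * countmax))s"
    return 0
}

# Constructed sample inputs (not taken from the thread).
SAMPLE_DEFAULT='port 22
clientaliveinterval 0
clientalivecountmax 3
tcpkeepalive yes'
SAMPLE_TUNED='port 22
clientaliveinterval 25
clientalivecountmax 4
tcpkeepalive yes'

printf '%s\n' "$SAMPLE_DEFAULT" | check_keepalive 60 || true
printf '%s\n' "$SAMPLE_TUNED"   | check_keepalive 60
```

`ClientAliveInterval` probes travel inside the encrypted SSH channel, so unlike `TCPKeepAlive` they cannot be spoofed by an on-path device.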

