Dropped Connections
steve menard
edranem "at" dranem.org
Thu Feb 28 17:00:01 2008
the stations mtu typically need to be smaller then the vpn
so the data packet fits within the transmitted ethernet packet
Trace Carpenter wrote:
> OK, I think I understand where the confusion came in now. I see that
> you mean that both stations need to have the same MTU sizes, but does
> the VPN MTU need to be 100 bytes smaller than the PPP MTU on both
> stations?
>
> Oh and one last question. The Sonicwall defaults to an MTU size of
> 1500. Does that enter into the equation when I set the sizes on the
> workstations?
>
> Thanks again.
>
> --
> Trace Carpenter
> The Carpenter Group
> 445 E. FM1382, Ste. 3-373
> Cedar Hill, Texas 75104
> 972.617.7131 Main Line
> 972.617.9210 Private/Direct Line
> mail "at" tracecarpenter.com
> www.tracecarpenter.com
> www.carpenter-group.com
>
>
> > Date: Thu, 28 Feb 2008 12:45:22 -0400
> > From: edranem "at" dranem.org
> > To: carpenter_trace "at" hotmail.com; vnc-list "at" realvnc.com
> > Subject: Re: Dropped Connections
> >
> > no
> > having two stations with differing MTU
> > or automatic MTU calculation on either side of a vpn
> > can cause issues
> >
> >
> > Trace Carpenter wrote:
> > > You mentioned a "mismatched" MTU will cause problems. Everything else
> > > I've seeing says that the VPN MTU should be at least 100 bytes less
> > > than the PPP MTU. Are you saying that is incorrect and that they
> > > should be the same? Right now there are no registry entries below the
> > > HKLM\SYSTEM\CurrentControlSet\Services\Parameters\ location, so they
> > > would all have to be created.
> > >
> > > Thanks again for all your insight.
> > >
> > > --
> > > Trace Carpenter
> > > The Carpenter Group
> > > 445 E. FM1382, Ste. 3-373
> > > Cedar Hill, Texas 75104
> > > 972.617.7131 Main Line
> > > 972.617.9210 Private/Direct Line
> > > mail "at" tracecarpenter.com
> > > www.tracecarpenter.com
> > > www.carpenter-group.com
> > >
> > >
> > > > Date: Thu, 28 Feb 2008 11:31:52 -0400
> > > > From: edranem "at" dranem.org
> > > > To: carpenter_trace "at" hotmail.com; vnc-list "at" realvnc.com
> > > > Subject: Re: Dropped Connections
> > > >
> > > > yes that is likely the culprit
> > > > a mismatched MTU will cause drops and black screens and pauses
> > > >
> > > > data packet sent fragmentation issue
> > > > transaction never completes
> > > >
> > > >
> > > > steve
> > > > I wondered about that when I saw this:
> > > >
> > > >
> > >
> http://support.microsoft.com/default.aspx?scid=kb;en-us;826159&Product=winxp
>
> > >
> > > >
> > >
> <http://support.microsoft.com/default.aspx?scid=kb;en-us;826159&Product=winxp>
> > > >
> > > > Is that what you're referring to? If so I suppose it would
> require that
> > > > we lay hands on every workstation in the organization all every
> > > location.
> > > >
> > > >
> > > >
> > > > > Date: Thu, 28 Feb 2008 01:13:44 -0400
> > > > > From: edranem "at" dranem.org
> > > > > To: carpenter_trace "at" hotmail.com
> > > > > CC: vnc-list "at" realvnc.com
> > > > > Subject: Re: Dropped Connections
> > > > >
> > > > > it is a per station setting that needs to be adjusted
> > > > >
> > > > >
> > > > > Trace Carpenter wrote:
> > > > > > Thanks for the reply. Unfortunately Sonicwall doesn't have
> an option
> > > > > > to adjust the VPN MTU. The option is to enable Fragmented Packet
> > > > > > Handling. It has always been enabled and the "Ignore Don't
> Fragment
> > > > > > Bit" option is also checked.
> > > > > >
> > > > > >
> > > > > > > Date: Wed, 27 Feb 2008 19:07:54 -0400
> > > > > > > From: edranem "at" dranem.org
> > > > > > > To: carpenter_trace "at" hotmail.com; vnc-list "at" realvnc.com
> > > > > > > Subject: Re: Dropped Connections
> > > > > > >
> > > > > > > I have seen this due to non matching MTU settings
> > > > > > >
> > > > > > >
> > > > > > > Trace Carpenter wrote:
> > > > > > > > For years I've been battling a problem that no one seems
> to be
> > > > > > able to solve.
> > > > > > > >
> > > > > > > > When using RealVNC we commonly encounter a dropped
> > > connection with
> > > > > > the error
> > > > > > > > message "Connection reset by peer (10054)." When testing
> with
> > > > > > TightVNC the
> > > > > > > > error still occurs, but he message displayed by that
> program is
> > > > > > "Error waiting
> > > > > > > > for server message."
> > > > > > > >
> > > > > > > > According to much of what has been written by James
> Weatherall,
> > > > > > the problem is
> > > > > > > > usually attributed to a lack of bandwidth and it is
> > > suggested that
> > > > > > a rate
> > > > > > > > limit on mouse pointers be inacted. In our case, we
> commonly see
> > > > > > it when going
> > > > > > > > across a 100Mbps LAN at all three of our locations and when
> > > > > > transversing a VPN
> > > > > > > > tunnel between the LANS. The VPN tunnel is a dedicated
> tunnel
> > > > > > running between
> > > > > > > > Sonicwall TZ170s and the pipe between the locations are
> T-1 so
> > > > > > bandwidth seems
> > > > > > > > to be an unlikely culprit.
> > > > > > > >
> > > > > > > > In a testing situation I have often left VNC sessions open
> > > for >24
> > > > > > Hours which
> > > > > > > > have been stable when no one is using either computer. The
> > > problem
> > > > > > seems to
> > > > > > > > occur most often when you have a session going between your
> > > > > > workstation and a
> > > > > > > > remote server, AND you are working on other things at
> the same
> > > > > > time. For
> > > > > > > > example, while working on the remote machine you open
> another
> > > > > > window on your
> > > > > > > > local machine to enter some data and then go back to the
> remote
> > > > > > machine
> > > > > > > > window. It is at that time you will see the failure.
> > > > > > > >
> > > > > > > > All machines are current class machines running at least
> 1.5
> > > Gigs
> > > > > > of memory
> > > > > > > > and Windows XP Professional.
> > > > > > > >
> > > > > > > > There seem to be a few other threads with this exact same
> > > problem
> > > > > > that have
> > > > > > > > been tested in the same manner and have gotten the same
> error
> > > > > > messages from
> > > > > > > > the different VNC flavors, but I have yet to find a
> response to
> > > > > > their request.
> > > > > > > > Hopefully I've included enough details to help resolve this.
> > > > > > > >
> > > > > > > > Any insight would be greatly appreciated.
> > > > > > > >
> > > _________________________________________________________________
> > > > > > > > Need to know the score, the latest news, or you need your
> > > > > > Hotmail.-get your
> > > > > > > > "fix".
> > > > > > > > http://www.msnmobilefix.com/Default.aspx
> > > > > > > > _______________________________________________
> > > > > > > > VNC-List mailing list
> > > > > > > > VNC-List "at" realvnc.com
> > > > > > > > To remove yourself from the list visit:
> > > > > > > > http://www.realvnc.com/mailman/listinfo/vnc-list
> > > > > > > > .
> > > > > > > >
> > > > > > > >
> > > > > >
> > > > > >
> > > >
> ------------------------------------------------------------------------
> > > > > > Shed those extra pounds with MSN and The Biggest Loser!
> Learn more.
> > > > > > <http://biggestloser.msn.com/>
> > > >
> > > >
> > > >
> ------------------------------------------------------------------------
> > > > Shed those extra pounds with MSN and The Biggest Loser! Learn more.
> > > > <http://biggestloser.msn.com/>
> > >
> > >
> > >
> ------------------------------------------------------------------------
> > > Need to know the score, the latest news, or you need your
> Hotmail.-get
> > > your "fix". Check it out. <http://www.msnmobilefix.com/Default.aspx>
>
>
> ------------------------------------------------------------------------
> Need to know the score, the latest news, or you need your Hotmail.-get
> your "fix". Check it out. <http://www.msnmobilefix.com/Default.aspx>