Messages

I can ping www.speedguide.net with 1500 bytes too:

Code Select Expand

% ping -D -s1472 www.speedguide.net
PING www.speedguide.net (68.67.73.20): 1472 data bytes
1480 bytes from 68.67.73.20: icmp_seq=0 ttl=51 time=107.106 ms
1480 bytes from 68.67.73.20: icmp_seq=1 ttl=51 time=107.499 ms
1480 bytes from 68.67.73.20: icmp_seq=2 ttl=51 time=107.253 ms
1480 bytes from 68.67.73.20: icmp_seq=3 ttl=51 time=107.499 ms
1480 bytes from 68.67.73.20: icmp_seq=4 ttl=51 time=107.270 ms
1480 bytes from 68.67.73.20: icmp_seq=5 ttl=51 time=107.550 ms
For some reason opnsense is TCP MSS clamping while there's no need...

Thank you for your replies.

ping also works on the router itself:

Code Select Expand

root@router:~ # ping -D -s1472 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 1472 data bytes
1480 bytes from 1.1.1.1: icmp_seq=0 ttl=60 time=8.115 ms
1480 bytes from 1.1.1.1: icmp_seq=1 ttl=60 time=8.364 ms

Also the MTU's are correct in ipconfig (igc0=1512, igc0_vlan6=1508, PPPoE=1500). So this seems to be only a MSS clamping issue. 

Hi,

I'm running OPNsense 25.1.5_5-amd64 on a typical PPPoE over VLAN internet connection that supports mini-jumbo packets. To enable this I set an MTU of 1508 on the PPPoE connection (showing calculated 1500).

This seems to work, pinging works:

Code Select Expand

$ ping 1.1.1.1 -c 10 -M do -s 1472
PING 1.1.1.1 (1.1.1.1) 1472(1500) bytes of data.
1480 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=18.9 ms
1480 bytes from 1.1.1.1: icmp_seq=2 ttl=58 time=23.8 ms

However when checking BGP.Tools or SpeedGuide.net I get an TCP MSS or 1452 for IPv4. How can I fix this?

Thank you for your replies!

I'm sure the MTU of the PPPoE line is configured correctly (1500 internal, 1508 on the VLAN, 1512 on the bare interface) because I'm able to ping with 1500-byte packets successfully (when I revert to the "standard" 1492 I can't as expected).

The issue seems to be with some TCP connections that show a MSS of 1452 where 1460 would be expected (1508 Ethernet).

So at the moment:
When using OpenWRT: Speedtest.net shows 1 gigabit up/down, downloads of speedtest-files from telenet.net, serverius.net (and others) are (almost) gigabit speeds, like 900 megabit/s+
When using OPNsense: Speedtest.net shows 1 gigabit up/down, downloads of speedtest-files are only 20 megabit/s.

And 1500-size pings work on both setups.

I have just installed OPNsense 24.1.5_3-amd64 on a machine migrating from OpenWRT x86.

My connection is a typical Dutch PPPoE internet connection over VLAN6 with 1 Gigabit speeds. The internet provider supports an MTU of 1500 within the PPPoE tunnel. The hardware contains a Intel i226-V NIC (connected to WAN) and a Intel X710 NIC (connected to LAN).

The issue I'm seeing is that downloads are slow. For example I'm only getting +/- 7 MB/s on http://speedtest.tele2.net/ and only 3 MB/s on https://speedtest.serverius.net/. However I'm able to reach almost full gigabit speeds on speedtest.net on the same hardware. The downloads from the speedtest servers are full speed again when switching back to the OpenWRT machine.

I did a packet-dump and noticed that a TCP MSS of 1452 was being returned on the TCP connection when downloading from the speedtest servers.

However when doing ping tests I'm able to successfully send pings with an MTU of 1500 and receive a reply.

I'm out of options how to fix this. Do you have any ideas?