* Is my connection timing out here?
@ 2015-03-11 17:46 jack seth
2015-03-19 14:42 ` jack seth
0 siblings, 1 reply; 2+ messages in thread
From: jack seth @ 2015-03-11 17:46 UTC (permalink / raw)
To: netfilter
I am trying to out my Openvpn config using DH parameters 16384 size keys (I know I know but it is testing :)). I am using my working config except for substituting my large keys. My config works with a 8192 sized DH but not with 16384. I am getting a 'inactivity timeout' from the server after about 3 minutes during the TLS handshake. I have read it will take longer to negotiate with these large keys. Based on other replies I have gotten I suspect that it is the linux/iptables connection that is timing out and not OpenVPN.
I have tried changing this command to a higher timeout number but it doesn't help. sudo sysctl -w net.netfilter.nf_conntrack_udp_timeout_stream=???
How can I track down what is happening here?
^ permalink raw reply [flat|nested] 2+ messages in thread
* RE: Is my connection timing out here?
2015-03-11 17:46 Is my connection timing out here? jack seth
@ 2015-03-19 14:42 ` jack seth
0 siblings, 0 replies; 2+ messages in thread
From: jack seth @ 2015-03-19 14:42 UTC (permalink / raw)
To: netfilter
Could someone please provide some guidance on the below? If there is a more appropriate list I should post to please let me know which one.
----------------------------------------
> From: bird_112@hotmail.com
> To: netfilter@vger.kernel.org
> Subject: Is my connection timing out here?
> Date: Wed, 11 Mar 2015 12:46:33 -0500
>
> I am trying to out my Openvpn config using DH parameters 16384 size keys (I know I know but it is testing :)). I am using my working config except for substituting my large keys. My config works with a 8192 sized DH but not with 16384. I am getting a 'inactivity timeout' from the server after about 3 minutes during the TLS handshake. I have read it will take longer to negotiate with these large keys. Based on other replies I have gotten I suspect that it is the linux/iptables connection that is timing out and not OpenVPN.
>
> I have tried changing this command to a higher timeout number but it doesn't help. sudo sysctl -w net.netfilter.nf_conntrack_udp_timeout_stream=???
>
> How can I track down what is happening here? --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-03-19 14:42 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-03-11 17:46 Is my connection timing out here? jack seth
2015-03-19 14:42 ` jack seth
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.