https://rancher.com/ logo
Join Slack
Powered by
This message was deleted.
# harvester
a
This message was deleted.
b
a
b
hmm, the issues are not related (i don’t even enabled the separate storage network)
a
I guess I was hopeful that the command listed at the bottom of the issue could be modified to meet your use case. Something like: $ip link set mtu 1400 dev $interface
But, you are correct. This does not exactly mirror your setup.
b
from what i’ve noticed the following (https://docs.harvesterhci.io/v1.1/networking/deep-dive) • from tap1 to vethxxx - we see 4 tcp fragments • from vethxxx to mgmt-br - we see just 1 big TCP packet tagged with vlan 4002 • of course, the mgmt-bo cannot send the packet to eth0 and also, the Hetzner router will drop these packets because all packets must be under 1400 bytes + VLAN tag
I’ve tried a lot of things, I’m studying the packages using wireshark.. but i’m missing something
👍 1
it’s interesting though, that the ping packet can travel from Hetzner VLAN to VM (with 5000 bytes), but it doesn’t work from VM to Hetzner VLAN
a
That does sound odd...
b
i don’t know how to configure veth generated by https://www.cni.dev/plugins/current/main/bridge/ to fragment the packages with MTU 1400 (I’ve tried to set up the interface with MTU 1400 but it doesn’t work.. the packet captured in mgmt-br has 5046 bytes)
a temporary workaround: • on host set eth, mgmt-bo, mgmt-br MTU to 1500 • on host: 
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables
(this is a security risk) • in VM set the MTU of mounted interface to 
1400
a
Thanks for sharing!
b
Also, I’ve identified that Hetzner Loadbalancer have a bug when using ports like 31883. I’ve switched to port 30883 and things get back to normal.
Open in Slack
PreviousNext
Powered by