I’ve been affected by this on and off for some time now. Over the last 10 minutes pinging across it reported 10% packet loss. I don’t really even know where to behind troubleshooting this. I would check how much data is being transferred over it (to consider if it’s simply our upload being overused) but how do I even do that, I can’t find it in the controller UI.
Hello! Thanks for posting on r/Ubiquiti!
This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can.
Please read and understand the rules in the sidebar, as posts and comments that violate them will be removed. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit.
If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it!
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
Start with posting what devices you are working with
Post what firmware you are running on all devices
What internet connections are on both sides?
Post your sanitized configs.
Check the logs
https://www.mikenowak.org/mind-mtu-tale-unifi-edgerouter-x-ipsec-nps/
are you loosing packets between the sites, while not routing through the VPN?
Good place to start.
Site ‘2’: UniFi Security Gateway 3P, firmware 4.4.55.5377096
Site ‘60’: UniFi Security Gateway 3P, 4.4.55.5377096
Site ‘73’: UniFi Security Gateway 3P, 4.4.55.5377096
Internet connections are Virgin Media Business. Speed test at site 73 reports 378/49 and 11 ms latency, I can’t test the others right now.
I’m not sure how I get copyable configs from Unifi gear, a quick Google only found instructions for Edge gear.
SSHing into one of the USGs and doing show log gives me several entries like this every minute
Jul 8 16:28:02 usg73 kernel: IPv4: martian source 255.255.255.255 from 10.73.1.169, on dev eth1.32
Jul 8 16:28:02 usg73 kernel: ll header: 00000000: ff ff ff ff ff ff 90 8d 78 48 e7 80 08 00 45 00 ........xH....E.
Jul 8 16:28:02 usg73 kernel: ll header: 00000010: 01 59 .Y
With varying IP addresses and both various eth and vti devices.
From your article, “MSS-Clamp applies to TCP only” - and I’m using that to address MTU issues. Ugh, I suppose I shouldn’t be surprised. Seems like that might be something to investigate further.
Well thought, but looks like no.
This might help you. It’s the VPN troubleshooting guide direct from Ubiquiti.