Today you find a solution when you face broken network streams between multiple site-to-site VPN’s.
Environment
- Three locations
- Three Ubiquiti USG
- Three static IP’s
Behind the scene
Below you see the chart from my whiteboard to solve the problem. During debugging I figured out that the L2TP does not have any performance issues. The ppp0 interface had a MTU of 1280 after the connection was established. Beside the different MTU values I tried different settings for the IPS/IDS and dynamic routing which has no impact on the problem. There where much more ideas to solve this problem, like option 26 for the DHCP server, and many more.
Solution
Based on the documentation for the EdgeRouter (link), 1350 is a good value for the Maximum Segment Size.
- Navigate to the controller webinterface
- Select your USG
- Go to configuration
- Set the MSS to 1350
- Apply this value for all your sites
