IPIP tunnel speed decreases if idle

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












0















I've set up an IPIP tunnel on 2 deb9 hosts for public IP routing and it kinda works. I can reach both ends, but if I let it idle for a bit, the speed decreases. After a while I can't even reach it anymore. If I send data (e.g. ping) through the tunnel from the host, the IPs are routed to, it wakes up again. What could be causing this?



OT:
I've tried GRE tunnels as well, but that just doesn't work as it should. It delivers 1.5mbit/s speeds on a gigabit link.










share|improve this question






















  • MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

    – Rui F Ribeiro
    Feb 24 at 15:34












  • And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

    – Martin Magyarics
    Feb 24 at 20:09











  • They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

    – Rui F Ribeiro
    Feb 24 at 20:46
















0















I've set up an IPIP tunnel on 2 deb9 hosts for public IP routing and it kinda works. I can reach both ends, but if I let it idle for a bit, the speed decreases. After a while I can't even reach it anymore. If I send data (e.g. ping) through the tunnel from the host, the IPs are routed to, it wakes up again. What could be causing this?



OT:
I've tried GRE tunnels as well, but that just doesn't work as it should. It delivers 1.5mbit/s speeds on a gigabit link.










share|improve this question






















  • MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

    – Rui F Ribeiro
    Feb 24 at 15:34












  • And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

    – Martin Magyarics
    Feb 24 at 20:09











  • They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

    – Rui F Ribeiro
    Feb 24 at 20:46














0












0








0








I've set up an IPIP tunnel on 2 deb9 hosts for public IP routing and it kinda works. I can reach both ends, but if I let it idle for a bit, the speed decreases. After a while I can't even reach it anymore. If I send data (e.g. ping) through the tunnel from the host, the IPs are routed to, it wakes up again. What could be causing this?



OT:
I've tried GRE tunnels as well, but that just doesn't work as it should. It delivers 1.5mbit/s speeds on a gigabit link.










share|improve this question














I've set up an IPIP tunnel on 2 deb9 hosts for public IP routing and it kinda works. I can reach both ends, but if I let it idle for a bit, the speed decreases. After a while I can't even reach it anymore. If I send data (e.g. ping) through the tunnel from the host, the IPs are routed to, it wakes up again. What could be causing this?



OT:
I've tried GRE tunnels as well, but that just doesn't work as it should. It delivers 1.5mbit/s speeds on a gigabit link.







linux debian networking deb






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Feb 24 at 10:23









Martin MagyaricsMartin Magyarics

115




115












  • MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

    – Rui F Ribeiro
    Feb 24 at 15:34












  • And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

    – Martin Magyarics
    Feb 24 at 20:09











  • They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

    – Rui F Ribeiro
    Feb 24 at 20:46


















  • MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

    – Rui F Ribeiro
    Feb 24 at 15:34












  • And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

    – Martin Magyarics
    Feb 24 at 20:09











  • They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

    – Rui F Ribeiro
    Feb 24 at 20:46

















MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

– Rui F Ribeiro
Feb 24 at 15:34






MTU/Keepalive issues. and having the TCP control/negotiation algorithms being applied twice (outside/inside the tunnel). Those are known limitations, not specific to Linux

– Rui F Ribeiro
Feb 24 at 15:34














And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

– Martin Magyarics
Feb 24 at 20:09





And what could I do about the second part? I've tried changing the MTU, but that didn't help (atleast with the values i tried). I am running a ping session as a keepalive, but that only keeps it alive, the speed still goes down.

– Martin Magyarics
Feb 24 at 20:09













They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

– Rui F Ribeiro
Feb 24 at 20:46






They are known issues of doing IP in top of IP, or even SCP on top of SSH+IP....I have no workarounds for you that work over the long term. Maybe using IPsec will improve the situation.

– Rui F Ribeiro
Feb 24 at 20:46











0






active

oldest

votes











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502660%2fipip-tunnel-speed-decreases-if-idle%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes















draft saved

draft discarded
















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f502660%2fipip-tunnel-speed-decreases-if-idle%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown






Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?