Flint 2, connection interrupted (FTP, SSH)

Hi there,

I have both the Flint 1 and Flint 2.

I have been experiencing a weird issue with ftp, sftp and ssh connections to remote servers, where my connection stops transferring data during a session.

It’s not happening with Flint 1, and it also does not happen with other devices.

When I start Filezilla and connect to a server, then try to update a large file it just keeps stopping and failing even after all of the retries with the connection interrupted error.

When I am doing work via ssh to a remote server, and if I am monitoring a server for more than 5 or 10 minutes, running a script, etc, it freezes and no more data can be transferred. The screen freezes with the last data (not the software, just the text on the window), canceling doesn’t work, etc.

On Flint 2 I cannot have long remote sessions to a remote server as it gets cut when I am working.
I tried to use wireguard but it also didn’t solve the issue.

My connection is PPPoE via optic fiber.
I can see the connection is working fine even when this happens.

Is this a bug, some firewall issue on the router, or any other ideas?

Do you have identical configurations and connection types in both Flint 1 and 2?

The configs are as close as possible between both, yes.
Also tried as default as possible, with only the internet configuration and wifi setting.
Tried same wireguard vpn too, but it happens with or without.
I’m on firmware v 4.5.6 for Flint 2.

It’s a pre-order unit, so I hope there is nothing wrong with it.
The behavior is as if a firewall suddenly blocked the connection to that session only.
I can reconnect on another window and the same happens after a while.

It could be the firewall, especially the mss value. Login into LuCi → firewall then edit the lan to wan rule and experiment with enabling/disabling the MSS clamping.

But I also suspect the pppoe connection! Did you try to lower the MTU?

For the FTP, can you try changing active or passive mode in the ftp client software?

I don’t think so. He also experienced issues with ssh.

On Luci Firewall, some notice: Imgur: The magic of the Internet
but looks fine, I think: Imgur: The magic of the Internet

I tried to disable syn-flood protection, still same situation.
MSS clamping was already disabled.
When I enable that, I get stuck on “Waiting for replies to skip before sending next command…” on Filezilla, and it doesn’t even start sending the file.

I noticed, but I could be wrong, that it always seems to fail right after the software trying to send a keepalive request (filezilla, putty, etc). Might be coincidence though.

I lowered the MTU all the way down to 1320 (on wireguard vpn) and same problem.

Any other ideas?

To eliminate other factors, you should disable the vpn! You are introducing other issues while troubleshooting.

Try to lower it more it does not hurt till you find if the MTU is the main cause or not.

Google: PMTU black hole

Wireguard was just for testing if it would work.

I did another factory reset and turned it of for a few minutes, then I only setup PPPoE and apparently, it’s no longer getting stuck, so apparently is fixed.

I will reconfigure everything again and see if it comes back.

So, I talked too soon… after the last reset, the connection no longer hangs even when I configure other settings such as DNS over TLS, which is great.

However, the issue continues with VPN, which is a big problem at the moment because I am in Turkey and the internet is heavily censored, so I really need to use a VPN.

When I connect to any VPN via Wireguard or Ovpn it has the same issue.
I will start uploading a large file via FTP or SFTP, and it will just suddenly stop transferring any data.
There is no specific amount of time or data volume, it appears to be random, but it always happens around 10 to 15% of the upload (consistently).

I tried different ftp and sftp servers, and also remote sessions to multiple providers.
I used privately configured vpn servers as well as commercial vpn (nord, ivacy, surfshark) and the same happens.

Several vpn sites are blocked in Turkey, but their server configs work fine.
I thought at first, they were detecting the usage of wireguard and blocking it… but no. The wireguard and ovpn itself works well with other devices, including Flint 1 which I am now using again.

There is also a situation a bit confusing regarding cloudflare’s warp plus and Flint 2.
I use a wireguard config and it works perfectly well on a windows client with the wireguard client app, but when I import the file to Flint 2 and enable it, it shows as connected but in reality I loose all connectivity to the internet.

I reseted the router a few more times and I only setup PPPoE and Wireguard.
I tried to disable Network Acceleration, enable/disable MSS clamp, use cloudflare DNS, and tried several other options on the interface.

With Flint 1, it just works and everything is fine, so I am not sure what is going on with Flint 2 specifically.

Im thinking but could it be for filezilla you can only use one connection?, and not 4 connections which is default?

Second im aware of a commit in upstream OpenWrt with issues related to bidirectional data and hardware/firewall offloading, i managed to replicate it one time with a iperf3 with the --bidir option but never was able to do it again, but that indeed made the router lock up fully.

It’s not filezilla, I use other tools and the same thing happens.
Also I am only transferring one single 2GB file.
It’s in Passive mode… I know the configs as I have used sFTP/FTP for years.
It only happens with Flint 2, so it certainly looks device specific.
Firewall disabled on Windows, tried uploading from a mobile device, same issue.

And if you disable hardware acceleration and firewall offloading? otherwise im out of ideas to.

Thanks, I already did, but it’s the same.
Now it’s only happening with VPN, so it’s probably something VPN related.

Somehow like others already said, i also start to suspect that it is a issue with the mtu, however you might want to increase it.

My knowledge is not super duper on MTU, but when i make up my theory:

I think instead of lowering mtu, it needs to be increased, due the overhead of pppoe and the wireguard client combined, just increase with a little each time and restart the wireguard, i think mss clamping should be active otherwise you will get more issues likely.