bad performance and instable connection with tunnelblick and mavericks

1,080 views

Skip to first unread message

easter...@googlemail.com

unread,

Jan 23, 2014, 1:09:21 PM1/23/14

to tunnelbli...@googlegroups.com

hi there,

first of all, i want to describe you the problem.

i have set up a server which should route the 192.168.111.x subnet to the 192.168.2.x subnet within my company. while i use linux mint and can connect flawlessly and get performance of about 1mbit/s there is no chance, my coworker get a stable connection with mavericks.

he is able to connect to the server but the performance is pretty bad trying to access an smb share within the company network.

same thing with any other servers, a most he get about 1kb/s through the connection.

i read many posts complaining about the big MTU size, therefor i tried to lower it but it wont improove the performance.

just for the sake of beeing complete, here is server server config,

and again, with my linux setup everything works fine!

server versions:

----------

root@vpn:~# openvpn --version

OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Oct 12 2013

Originally developed by James Yonan

$ ./configure --build=arm-linux-gnueabihf --prefix=/usr --includedir=${prefix}/include --mandir=${prefix}/share/man --infodir=${prefix}/share/info --sysconfdir=/etc --localstatedir=/var --libexecdir=${prefix}/lib/openvpn --disable-maintainer-mode --disable-dependency-tracking CFLAGS=-g -O2 CPPFLAGS= CXXFLAGS=-g -O2 FFLAGS=-g -O2 LDFLAGS= --enable-password-save --host=arm-linux-gnueabihf --build=arm-linux-gnueabihf --prefix=/usr --mandir=${prefix}/share/man --with-ifconfig-path=/sbin/ifconfig --with-route-path=/sbin/route

Compile time defines: ENABLE_CLIENT_SERVER ENABLE_DEBUG ENABLE_EUREPHIA ENABLE_FRAGMENT ENABLE_HTTP_PROXY ENABLE_MANAGEMENT ENABLE_MULTIHOME ENABLE_PASSWORD_SAVE ENABLE_PORT_SHARE ENABLE_SOCKS USE_CRYPTO USE_LIBDL USE_LZO USE_PF_INET6 USE_PKCS11 USE_SSL

serverconfig:

---------

port 1194

proto tcp-server

dev tun0

ca keys//xxx/ca.crt

cert keys//xxx/server.crt

key keys//xxx/server.key

dh keys//xxx/dh1024.pem

server 192.168.111.0 255.255.255.0

crl-verify keys//xxx/crl.pem

cipher BF-CBC

user nobody

group nogroup

status servers/test/logs/openvpn-status.log

log-append servers/test/logs/openvpn.log

verb 2

mute 20

max-clients 10

tun-mtu 1312

keepalive 10 120

client-config-dir /etc/openvpn/servers/test/ccd

tls-server

client-to-client

comp-lzo

persist-key

persist-tun

float

ccd-exclusive

push "route 192.168.2.0 255.255.255.0"

push "dhcp-option DNS 192.168.111.1"

push "dhcp-option WINS 192.168.111.1"

---------

tunnelblick logfiles:

---------------------

*Tunnelblick: OS X 10.9.1; Tunnelblick 3.4beta20 (build 3727); prior version 3.4beta18 (build 3704); Admin user

"Sanitized" configuration file for /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk:

client

proto tcp-client

dev tun

ca ca.crt

dh dh1024.pem

cert christian_neu.crt

key christian_neu.key

remote internetip 1194

cipher BF-CBC

verb 2

mute 20

tun-mtu 1312

keepalive 10 120

comp-lzo

persist-key

persist-tun

float

resolv-retry infinite

nobind

================================================================================

Configuration preferences:

-notMonitoringConnection = 1

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

-lastConnectionSucceeded = 1

================================================================================

Wildcard preferences:

-notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

================================================================================

Program preferences:

skipWarningAboutConvertingToTblks = 1

skipWarningAboutIgnoredConfigurations = 1

notOKToCheckThatIPAddressDidNotChangeAfterConnection = 0

askedUserIfOKToCheckThatIPAddressDidNotChangeAfterConnection = 1

tunnelblickVersionHistory = (

"3.4beta20 (build 3727)",

"3.4beta18 (build 3704)",

"3.4beta16 (build 3679)"

)

statusDisplayNumber = 0

showConnectedDurations = 1

connectionWindowDisplayCriteria = showWhenConnecting

maxLogDisplaySize = 102400

lastConnectedDisplayName = christian_neu

installationUID = 9AAA8A83-8EBC-4BE7-BFF7-B9F39BD49415

keyboardShortcutIndex = 1

updateCheckAutomatically = 1

updateSendProfileInfo = 1

NSWindow Frame SettingsSheetWindow = 657 161 829 424 0 0 1680 1028

NSWindow Frame ConnectingWindow = 623 630 389 187 0 0 1680 1028

NSWindow Frame ListingWindow = 1791 145 500 422 0 0 2560 1418

detailsWindowFrameVersion = 3727

detailsWindowFrame = {{438, 420}, {760, 468}}

detailsWindowLeftFrame = {{0, 0}, {135, 350}}

leftNavSelectedDisplayName = christian_neu

haveDealtWithSparkle1dot5b6 = 1

haveDealtWithOldTunTapPreferences = 1

SUEnableAutomaticChecks = 1

SUFeedURL = https://www.tunnelblick.net/appcast-b.rss

SUSendProfileInfo = 1

SULastCheckTime = 2014-01-23 17:30:59 +0000

SULastProfileSubmissionDate = 2014-01-23 16:28:45 +0000

SUHasLaunchedBefore = 1

WebKitDefaultFontSize = 11

WebKitStandardFont = Lucida Grande

================================================================================

Tunnelblick Log:

2014-01-23 18:31:09 *Tunnelblick: OS X 10.9.1; Tunnelblick 3.4beta20 (build 3727); prior version 3.4beta18 (build 3704)

2014-01-23 18:31:09 *Tunnelblick: Attempting connection with christian_neu; Set nameserver = 1; not monitoring connection

2014-01-23 18:31:09 *Tunnelblick: openvpnstart start christian_neu.tblk 1337 1 0 3 1 305 -ptADGNWradsgnw 2.2.1

2014-01-23 18:31:10 *Tunnelblick: openvpnstart log:

Loading tun-signed.kext

OpenVPN started successfully. Command used to start OpenVPN (one argument per displayed line):

/Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn

--cd

/Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources

--daemon

--management

127.0.0.1

1337

--config

/Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/config.ovpn

--log

/Library/Application Support/Tunnelblick/Logs/-SLibrary-SApplication Support-STunnelblick-SShared-Schristian_neu.tblk-SContents-SResources-Sconfig.ovpn.1_0_3_1_305.1337.openvpn.log

--management-query-passwords

--management-hold

--script-security

--up

/Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -f -ptADGNWradsgnw

--down

/Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh -w -d -f -ptADGNWradsgnw

2014-01-23 18:31:09 *Tunnelblick: openvpnstart starting OpenVPN

2014-01-23 18:31:10 *Tunnelblick: Established communication with OpenVPN

2014-01-23 18:31:10 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Jan 6 2014

2014-01-23 18:31:10 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.

2014-01-23 18:31:10 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2014-01-23 18:31:10 LZO compression initialized

2014-01-23 18:31:10 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1312)

2014-01-23 18:31:10 Control Channel MTU parms [ L:1356 D:140 EF:40 EB:0 ET:0 EL:0 ]

2014-01-23 18:31:10 Data Channel MTU parms [ L:1356 D:1356 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]

2014-01-23 18:31:10 Local Options hash (VER=V4): '3cb652a4'

2014-01-23 18:31:10 Expected Remote Options hash (VER=V4): '6055b4d8'

2014-01-23 18:31:10 Attempting to establish TCP connection with **internetip**:1194 [nonblock]

2014-01-23 18:31:11 TCP connection established with **internetip**:1194

2014-01-23 18:31:11 TCPv4_CLIENT link local: [undef]

2014-01-23 18:31:11 TCPv4_CLIENT link remote: **internetip**:1194

2014-01-23 18:31:12 VERIFY OK: depth=1, /C=DE/ST=SA/L=city/O=companyname/emailAddress=ma...@mail.de

2014-01-23 18:31:12 VERIFY OK: depth=0, /C=DE/ST=SA/L=city/O=companyname/OU=Office/CN=server/emailAddress=ma...@mail.de

2014-01-23 18:31:14 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key

2014-01-23 18:31:14 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2014-01-23 18:31:14 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key

2014-01-23 18:31:14 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

2014-01-23 18:31:14 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA

2014-01-23 18:31:14 [server] Peer Connection Initiated with **internetip**:1194

2014-01-23 18:31:16 TUN/TAP device /dev/tun0 opened

2014-01-23 18:31:16 /sbin/ifconfig tun0 delete

ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address

2014-01-23 18:31:16 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure

2014-01-23 18:31:16 /sbin/ifconfig tun0 192.168.111.18 192.168.111.17 mtu 1312 netmask 255.255.255.255 up

2014-01-23 18:31:16 /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh -w -d -f -ptADGNWradsgnw tun0 1312 1356 192.168.111.18 192.168.111.17 init

**********************************************

Start of output from client.up.tunnelblick.sh

Retrieved from OpenVPN: name server(s) [ 192.168.111.1 ], search domain(s) [ ] and SMB server(s) [ 192.168.111.1 ] and using default domain name [ openvpn ]

Not aggregating ServerAddresses because running on OS X 10.6 or higher

Not aggregating WINSAddresses because running on OS X 10.6 or higher

Setting search domains to 'openvpn' because running under OS X 10.6 or higher and the search domains were not set manually and 'Prepend domain name to search domains' was not selected

Saved the DNS and SMB configurations so they can be restored

Set ServerAddresses to 192.168.111.1

Set SearchDomains to openvpn

Set DomainName to openvpn

Set WINSAddresses to 192.168.111.1

Flushed the DNS Cache

End of output from client.up.tunnelblick.sh

**********************************************

add net 192.168.2.0: gateway 192.168.111.17

add net 192.168.111.0: gateway 192.168.111.17

2014-01-23 18:31:19 *Tunnelblick: No 'connected.sh' script to execute

2014-01-23 18:31:19 Initialization Sequence Completed

2014-01-23 18:31:24 *Tunnelblick: This computer's apparent public IP address (ip) was unchanged after the connection was made

================================================================================

Console Log:

2014-01-23 17:28:44 Tunnelblick[7776] deleteAppFromLoginItems: LSSharedFileListItemResolve returned status = -43; url is NULL

2014-01-23 17:28:45 Tunnelblick[7776] Set program update feedURL to https://www.tunnelblick.net/appcast-b.rss

2014-01-23 17:28:47 Tunnelblick[7776] DEBUG: Updater: systemVersion 10.9.1 satisfies minimumSystemVersion 10.4.0

2014-01-23 17:29:11 kernel[0] hfs: mounted Tunnelblick on device disk2s2

2014-01-23 17:29:13 kernel[0] hfs: unmount initiated on Tunnelblick on device disk2s2

2014-01-23 17:29:28 Tunnelblick[7776] deleteAppFromLoginItems: LSSharedFileListItemResolve returned status = -43; url is NULL

2014-01-23 17:29:28 Tunnelblick[7776] updater:willInstallUpdate: Starting cleanup.

2014-01-23 17:29:28 Tunnelblick[7776] updater:willInstallUpdate: Cleanup finished.

2014-01-23 17:29:28 Tunnelblick[7776] AuthorizationExecuteWithPrivileges!

2014-01-23 17:29:31 Tunnelblick[7776] AuthorizationExecuteWithPrivileges!

2014-01-23 17:29:32 Tunnelblick[7776] AuthorizationExecuteWithPrivileges!

2014-01-23 17:29:32 Tunnelblick[7776] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes

2014-01-23 17:29:32 Tunnelblick[7776] pthread_mutex_trylock( &cleanupMutex ) failed; status = 16, errno = 3

2014-01-23 17:29:32 Tunnelblick[7776] pthread_mutex_trylock( &cleanupMutex ) failed is normal and expected when Tunnelblick is updated

2014-01-23 17:29:32 Tunnelblick[7776] Finished shutting down Tunnelblick; allowing termination

2014-01-23 17:29:32 Tunnelblick[7840] deleteAppFromLoginItems: LSSharedFileListItemResolve returned status = -43; url is NULL

2014-01-23 17:29:32 Tunnelblick[7840] Tunnelblick muss:

• zur Absicherung Eigentümer und Rechte des Programms ändern

2014-01-23 17:29:51 Tunnelblick[7840] Beginning installation or repair

2014-01-23 17:29:51 authexec[7859] executing /Applications/Tunnelblick.app/Contents/Resources/installer

2014-01-23 17:29:51 Tunnelblick[7840] Installation or repair succeeded; Log:

Tunnelblick installer started 2014-01-23 17:29:51. 1 arguments: 0x0005

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/atsystemstart

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/installer

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/leasewatch

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/leasewatch3

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/process-network-changes

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/standardize-scutil-output

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.up.tunnelblick.sh

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.down.tunnelblick.sh

Changed permissions from 644 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.route-pre-down.tunnelblick.sh

Changed permissions from 644 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.1.up.tunnelblick.sh

Changed permissions from 644 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.1.down.tunnelblick.sh

Changed permissions from 644 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.2.up.tunnelblick.sh

Changed permissions from 644 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.2.down.tunnelblick.sh

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.3.up.tunnelblick.sh

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/client.3.down.tunnelblick.sh

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn-down-root.so

Changed permissions from 755 to 744 on /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.3.2/openvpn-down-root.so

Changed permissions from 755 to 4555 on /Applications/Tunnelblick.app/Contents/Resources/openvpnstart

2014-01-23 17:29:51 Tunnelblick[7840] Set program update feedURL to https://www.tunnelblick.net/appcast-b.rss

2014-01-23 17:29:52 Tunnelblick[7840] DEBUG: Updater: systemVersion 10.9.1 satisfies minimumSystemVersion 10.4.0

2014-01-23 17:29:58 Tunnelblick[7840] Configuration installer: CR characters are being removed or replaced with LF characters in the installed copy of /Users/admin/Desktop/christian_neu.tblk/christian_neu.ovpn

2014-01-23 17:30:04 Tunnelblick[7840] Beginning installation or repair

2014-01-23 17:30:04 authexec[7882] executing /Applications/Tunnelblick.app/Contents/Resources/installer

2014-01-23 17:30:04 Tunnelblick[7840] Installation or repair succeeded; Log:

Tunnelblick installer started 2014-01-23 17:30:04. 3 arguments: 0x0001 /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk /private/var/folders/sx/vgh5948x0t17wly9y7jndg280000gp/T/TunnelblickTemporaryDotTblk-g75A47/christian_neu.tblk

Copied /private/var/folders/sx/vgh5948x0t17wly9y7jndg280000gp/T/TunnelblickTemporaryDotTblk-g75A47/christian_neu.tblk to /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk.temp

Copied /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk.temp to /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk

Changed ownership of /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk and its contents from 502:20 to 0:0

Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk

Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents

Changed permissions from 755 to 750 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources

Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/ca.crt

Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/christian_neu.crt

Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/christian_neu.key

Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/config.ovpn

Changed permissions from 644 to 600 on /Library/Application Support/Tunnelblick/Shared/christian_neu.tblk/Contents/Resources/dh1024.pem

2014-01-23 18:29:11 Tunnelblick[7840] deleteAppFromLoginItems: LSSharedFileListItemResolve returned status = -43; url is NULL

2014-01-23 18:29:11 Tunnelblick[7840] applicationShouldTerminate: termination because of Quit; delayed until 'shutdownTunnelblick' finishes

2014-01-23 18:29:11 Tunnelblick[7840] Finished shutting down Tunnelblick; allowing termination

2014-01-23 18:30:59 Tunnelblick[8448] deleteAppFromLoginItems: LSSharedFileListItemResolve returned status = -43; url is NULL

2014-01-23 18:30:59 Tunnelblick[8448] Set program update feedURL to https://www.tunnelblick.net/appcast-b.rss

2014-01-23 18:31:02 Tunnelblick[8448] DEBUG: Updater: systemVersion 10.9.1 satisfies minimumSystemVersion 10.4.0

================================================================================

Non-Apple kexts that are loaded:

Index Refs Address Size Wired Name (Version) <Linked Against>

20 0 0xffffff7f80d92000 0x1a000 0x1a000 com.rim.driver.BlackBerryUSBDriverInt (0.0.97) <19 18 17 15 14 5 4 3 1>

110 1 0xffffff7f81807000 0xa000 0xa000 com.avatron.AVExVideo (1.7) <79 5 4 3>

111 0 0xffffff7f817fb000 0x4000 0x4000 com.globaldelight.driver.BoomDevice (1.1) <98 5 4 3 1>

119 0 0xffffff7f80c56000 0x5000 0x5000 com.Cycling74.driver.Soundflower (1.6.6) <98 5 4 3>

121 0 0xffffff7f81811000 0x5000 0x5000 com.avatron.AVExFramebuffer (1.7) <110 79 5 4 3>

131 0 0xffffff7f81802000 0x3000 0x3000 com.rim.driver.BlackBerryVirtualPrivateNetwork (1.0.12) <4 1>

136 0 0xffffff7f807cc000 0x7000 0x7000 foo.tap (1.0) <7 5 4 1>

165 0 0xffffff7f821ee000 0x6000 0x6000 net.tunnelblick.tun (1.0) <7 5 4 1>

jkbull...gmail.com

unread,

Jan 23, 2014, 5:02:41 PM1/23/14

to tunnelbli...@googlegroups.com, easter...@googlemail.com

Thanks for supplying such complete information.

This is most likely an OpenVPN problem (or an OpenVPN configuration problem), but have you tried running the MTU test? Select the configuration that you are having trouble with in the list on the left of the "VPN Details…" window, then click the "Advanced" button and then the "While Connected" tab. Put a check in "Run MTU maximum size test after connecting", then close the "Advanced" window and connect. For about two minutes after the connection is established, OpenVPN will run tests to determine the maximum MTU size; the results are presented in the log on the "Log" tab of the "VPN Details…" window.

Another possibility (if I understand you correctly) is that the problem isn't the VPN as such, but is accessing the SMB share. Have the user set up to "Route all traffic through the VPN" (on the same "While Connected" tab of the "Advanced" window for the configuration) and see if access to, say, YouTube is also slow.

I also noticed that there are a lot of third-party kexts loaded. That may be OK, but the "com.avatron.AVExFramebuffer" kext is not one I am familiar with.

easter...@googlemail.com

unread,

Jan 26, 2014, 7:05:39 AM1/26/14

to tunnelbli...@googlegroups.com, easter...@googlemail.com

weve tried this with another macclient, same result. the client is connecting and everything is slow and the network connection is therefore almost down. you cant browse the internet with the macs - with my linux client everything works as expected. i will try your suggestion with the MTU check, but i already tried lowering the MTU to that value.

easter...@googlemail.com

unread,

Jan 26, 2014, 7:10:26 AM1/26/14

to tunnelbli...@googlegroups.com, easter...@googlemail.com

i tried again with a standard windows PC from a friend of mine and used the openvpn client to connect to my network, everthing went fine, browsing smb shares, surfing the internet and downloading files with about 800kb/s ... so why have mac so much trouble with connecting to this vpn ... i have no idea.

jkbull...gmail.com

unread,

Jan 26, 2014, 7:24:00 AM1/26/14

to tunnelbli...@googlegroups.com, easter...@googlemail.com

Have you tried using a non-Mavericks Mac?

There are lots of problems accessing SMB

Is it only a problem with the SMB shares, or with all network access through the VPN? (See my earlier response to set up to send all traffic through the VPN.)

If the former, there are lots of problems accessing SMB shares with Mavericks because Mavericks uses a different protocol to access SMB shares than earlier versions of OS X. See, for example, http://www.zdnet.com/mavericks-smb2-problem-and-fixes-7000022519/. For one way to fix it, see http://hints.macworld.com/article.php?story=20131122083837447
If the latter, have you tried the MTU test and then adjusted the MTU accordingly?

swa.fr...@gmail.com

unread,

Feb 25, 2014, 8:01:30 PM2/25/14

to tunnelbli...@googlegroups.com, easter...@googlemail.com

I'm seeing the same I think

- only mavericks upgraded clients seem to be affected

at least 10.9.1 and 10.9.2 are affected.

- all packets are affected (including simple short pings)

- I'm not using SMB at all.

- problem is intermittent: if you let it be connected it somehow magically recovers and then goes bad again etc.