[Openswan dev] [Openswan Users] Fragmentation/reassembly bad
behaviour (fwd)
Marcus Better
marcus at better.se
Tue Jan 11 09:44:24 CET 2005
I and others have had a similar problem with fragmentation. It might be the
same bug. It has also been reported here:
http://www.uwsg.iu.edu/hypermail/linux/net/0401.3/0057.html
http://www.uwsg.iu.edu/hypermail/linux/net/0402.2/0000.html
The temporary fix is to use Netfilter to force the MSS to something smaller:
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1404
Marcus
More information about the Dev
mailing list