[Openswan Users] Hung sessions in 2.1.[45] under 2.6.7
Shane Hickey
shane at howsyournetwork.com
Thu Aug 26 10:54:37 CEST 2004
Paul Wouters <paul at xelerance.com> [2004-08-26 11:32]:
> Intersting. Try loweing your mtu on the laptop to say 1200 and see
> what happens. (Don't use overridemtu=, that only applies to ipsecX,
> KLIPS)
The laptop is actually the firewall. I tried lowering that MTU on all of it's interfaces to 1200 and that didn't help. However, when I change my MTU on my workstation (behind the firewall) that fixes it right up. Even an MTU of 1400 works like a charm. It's weird because large pings were going through fine.
> Let me know if this helps. It is interesting, because it means that in
> the same network, KLIPS works with your network, but the 2.6 native
> code has mtu issues. Though we would only know for sure once KLIPS on
> 2.6 is an option, for a real compare. This will hopefully be within a
> few weeks.
Wow... only a few weeks, eh? I thought it was much further out than that.
> Also, a lot of ipsec fixes went into 2.6.8.1, you might want to
> upgrade to that kernel instead.
I'm going to do this now. I'll report my success/failure to the list.
Thanks for all the help!
--
Shane Hickey <shane at howsyournetwork.com>: Network/System Consultant
GPG KeyID: 777CBF3F
Key fingerprint: 254F B2AC 9939 C715 278C DA95 4109 9F69 777C BF3F
Listening to: Eligh - They're Here! (Intro)
More information about the Users
mailing list