[Openswan Users] Hung sessions in 2.1.[45] under 2.6.7

Shane Hickey shane at howsyournetwork.com
Thu Aug 26 10:54:37 CEST 2004

Paul Wouters <paul at xelerance.com> [2004-08-26 11:32]:
> Intersting.  Try loweing your mtu on the laptop to say 1200 and see
> what happens. (Don't use overridemtu=, that only applies to ipsecX,

The laptop is actually the firewall.  I tried lowering that MTU on all of it's interfaces to 1200 and that didn't help.  However, when I change my MTU on my workstation (behind the firewall) that fixes it right up.  Even an MTU of 1400 works like a charm.  It's weird because large pings were going through fine.

> Let me know if this helps. It is interesting, because it means that in
> the same network, KLIPS works with your network, but the 2.6 native
> code has mtu issues. Though we would only know for sure once KLIPS on
> 2.6 is an option, for a real compare. This will hopefully be within a
> few weeks.

Wow... only a few weeks, eh?  I thought it was much further out than that.

> Also, a lot of ipsec fixes went into, you might want to
> upgrade to that kernel instead.

I'm going to do this now.  I'll report my success/failure to the list.

Thanks for all the help!

Shane Hickey <shane at howsyournetwork.com>: Network/System Consultant
Key fingerprint: 254F B2AC 9939 C715 278C  DA95 4109 9F69 777C BF3F
Listening to: Eligh - They're Here! (Intro)

More information about the Users mailing list