[Openswan Users] ipsec0: MTU of 16260
Paul Wouters
paul at xelerance.com
Thu Jul 1 21:08:16 CEST 2004
On Thu, 1 Jul 2004, Graham Leggett wrote:
> If the MTU of ipsec0 is 16260, the VPN does not work. If the MTU of
> ipsec0 is 1400, the VPN works. Connections _not_ using the VPN always
> work, because the MTU has already been dropped from the default of 1492
> to it's current value of 1466.
You are fixing it at the wrong spot. So for the lat time, change the mtu
on the ethX device, not the ipsecX device.
Changing it on the ipsecX will "happen to work" because you are not
hitting the ethX mtu size in that case anymore, but the real problem is
the ethX mtu size. If you do something non-ipsec, you will STILL have a
broken network if you change the ipsecX one.
I am also not sure what other ill effects might happen with an ipsecX
device with such a low mtu.
Paul
More information about the Users
mailing list