[Openswan Users] overridemtu on U2.1.4/K2.6.7 (native) not
working?
Herbert Xu
herbert at gondor.apana.org.au
Wed Jul 14 10:19:17 CEST 2004
jerry <jz at silpion.de> wrote:
>
> I reduced the mtu of the ETH1 (inet-side) and restarted openswan.
> Thats it! The mtu/mss of ESP's was shorter and I can surf and ssh and all other things!
> ;-)
Under 26sec, there is currently no way to set the MTU inside the tunnel.
You can only influence the inner MTU by changing the MTU of ther remote
IPsec gateway.
Setting the MTU on the interface is one way of doing that. Another way
is to add a route:
ip r r 1.2.3.4 via x.x.x.x dev eth1 mtu yyyy
where 1.2.3.4 is the address of the remote gateway, x.x.x.x is your
nexthop gateway and yyyy is the outer MTU you want to lower it to.
Incidentally, this is exactly the sort of situation that my MSS-clamp
based proposal is meant to address.
BTW, is this mailing list setting a Reply-To header? If so this is
drastically reducing the likelihood of me replying to any posts since
I may never see the replies at all.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list