[Openswan Users] tcpdump + mtu

Bernd Weber bwinfo at gwk-gmbh.de
Fri Oct 15 12:15:22 CEST 2004

Thanks Paul, I have been thinking about this myself, but I wouldn't see 
the decrypted traffic then.

Do you have any idea about the second (and more pressing) problem with 
the lost packets over pppoed?


Paul Wouters wrote:

> On Wed, 13 Oct 2004, Bernd Weber wrote:
>> This setup worked well with Kernel 2.4 and Freeswan 1.98b.
>> I can connect - no problem with that. I can ping, however if I start 
>> tcpdump on the ppp0 interface I will  see for
>> each ICMP Echo/Reply pair
>> 1. an encrypted outgoing packet
>> 2. an decrypted incoming packet
>> 3. the same decrypted incoming packet again.
> Welcome to the 2.6 ipsec stack. It works, it just looks weird in tcpdump.
> If you want to see no plaintext packets actually leave your machine,
> sniff at the router in the middle. You will only see encrypted packets.
> Paul

More information about the Users mailing list