[Openswan Users] OpenSWAN / Native 2.6 IPSec: MTU / PMTUD woes

Paul Wouters paul at xelerance.com
Mon Feb 7 13:18:09 CET 2005


On Mon, 7 Feb 2005, Jan Koop wrote:

> I just wanted to share my partially horrifying experience with Native 2.6 
> Kernel IPSec, OpenSWAN and path MTU discovery (PTMUD) with the list.

> Under kernel 2.6 native ipsec pmtud with ipsec is reported to be broken in 
> the posts i dug out.

If you are not running a redhat kernel, you can run KLIPS on 2.6. Just run:

export KERNELSRC=/usr/src/yourlinux-2.6
make module26 m26install

Be sure to load ipsec.ko and unload af_key, ah, esp4 and xfrm4_tunnel
Also, do not unload the ipsec module (edit _realsetup) as module unloading
with 2.6 still has a problem.

Paul



More information about the Users mailing list