[Openswan Users] Unusual packet loss
paul at xelerance.com
Mon Jan 24 13:29:38 CET 2005
On Mon, 24 Jan 2005, Philip Burrow wrote:
> machine. One question though - if MTU were the problem, why is it only a
> problem when I bring the tunnels up?
Because NETKEY does not support path mtu discovery, which for non-ipsec
packets is supported by the normal kernel routes. KLIPS does implement
PMTU for ipsec, but is still marked experimental for the 2.6 kernel.
"At best it is a theory, at worst a fantasy" -- Michael Crichton
More information about the Users