[Openswan Users] pmtu discovery on SA

martin f krafft madduck at madduck.net
Tue Mar 22 23:49:04 CET 2005

also sprach Ken Bantoft <ken at xelerance.com> [2005.03.22.2143 +0100]:
> MTU issues with the build-in IPsec stack are common, and reported
> over the past year many times... so it's seen every week or so.

Sorry, I could not find an acceptable answer with google.

> Normally, people work around it, with either iptables, or changing
> the route add command to add 'mtu 1400' or similar to the end.
> Both are hacks, but seem to solve the immediate problems.

Yeah, that's what I am doing. Well, glad that the problem is known,
then I can live with the hack and wait for a fixed version...

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus at madduck.net
"in the country of the blind,
 the one-eyed man is not king.
 he is taken to be a hallucinating lunatic."
                                                     -marshall mcluhan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20050322/3054c3f6/attachment.bin

More information about the Users mailing list