[Openswan Users]
Openswan 2.4.3 issue - gateway spewing "need to frag"
Ryley Breiddal
rbreiddal at presinet.com
Wed Nov 16 17:07:50 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I just updated a system from Openswan 2.3.1 to 2.4.3 today, and it went
from working perfectly to "very broken". The symptoms I see are legit
packets from the internal network getting rejected by the Openswan
gateway with icmp need to frag packets. This is for 60-90 byte packets.
I switched off "fragicmp=no" and everything goes back to working
perfectly, but this behaviour is worrying.
We're working off a 2.4.30 kernel with Openswan 2.4.3.
Any ideas or suggestions?
Thanks,
_____________________________________
Ryley Breiddal
PresiNET Systems
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
iD8DBQFDe9hzMTUY55MR22ERAvTjAJ0euKSB1PGvYcPTOUQ6+GMQdsIGVACeKQmF
ufw83y3q9BEiRm908i9Rv34=
=JybH
-----END PGP SIGNATURE-----
More information about the Users
mailing list