[Openswan Users] IP Truncated
Jacco de Leeuw
jacco2 at dds.nl
Mon Oct 24 18:21:32 CEST 2005
Oliver Tomkins wrote:
> When our remote users connect everything seems fine, however when they
> try to connect to one of our applications it fails.
>
> tcpdump tells us this:
>
> 15:27:59.571219 IP ipsec.domain.co.uk.l2tp > XXX.XXX.XXX.XXX.l2tp:
> l2tp:[L](2/1) {IP truncated-ip - 742 bytes missing!
> dbs.domain.co.uk.ms-sql-s > client.domain.co.uk.1161: P 2358:3571(1213)
> ack 1116 win 64420}
Tcpdump may be truncating the packets. Can you try with a larger snapshot
length (e.g. -s 1500)? Are you using KLIPS or NETKEY? In the latter case,
using tcpdump does not make much sense because of the way how NETKEY works.
There could be an MTU problem. There are known problems with PMTU discovery
in 2.6 kernels before 2.6.12, see also:
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#MTUproblems
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
Mosquitos suck
More information about the Users
mailing list