[Openswan Users] 2.4.5 klips mtu issue

[Michael Richardson]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Brian" == Brian Candler <B.Candler at pobox.com> writes:
    Brian> The behaviour is the same with both 2.4.30 (OpenWRT WR RC5)
    Brian> and 2.6.9 (CentOS 4.2). I can't see any way to turn this off
    Brian> on a socket-by-socket basis, which means to fix it for L2TP,
    Brian> I have to break TCP PMTU discovery.  Ugh.

    >> On 2.6 there is a socket option, which l2tpd could very well use.

    Brian> Is this recent 2.6 kernels only? I went through the socket(7)
    Brian> manpage and include/asm-i386/socket.h and couldn't find one,
    Brian> but this is CentOS (= RHES clone) with 2.6.9 kernel.

  No, been around awhile for awhile:

net/ipv4/ip_sockglue.c:

int ip_setsockopt(struct sock *sk, int level, int optname, char __user *optval, int optlen)
...

		case IP_MTU_DISCOVER:
			if (val<0 || val>2)
				goto e_inval;
			inet->pmtudisc = val;
			break;
- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRDsPWICLcPvd0N1lAQIjCQf+IV7khxfMyEAVwGSNTzT2gUi/bjCmvGei
I/BRimlQgBMz50XU7goIgJLBXyHVXzGHTND2QQm2S18XPbQ9eTnsVW8caKrsEaK4
UoUzCwJf013LOPNqCK2WD6ITlS5tUUYfhNgbgBHGyQD9DjQ5A0RB3bgG4CHamnZc
30JC4Jh7/9UPqXv+DTvCXCmOrw2ppWhHqheOp4IAdQgxTjRhzlVxmEhsfKpB+bDX
v6SaZZoHlzSfHhBLHvqcnLWk0byh2zSCyvtooz/QO8t2pr0wXwrEZmiM/XkOecqL
MrCYA36kFzNDSnKhFtVXkGfJ52ZLCLyyL7PMVLAR8cD+IJCf69Gduw==
=2ORX
-----END PGP SIGNATURE-----