[Openswan Users] MTU problems

Cameron Davidson cam73 at aanet.com.au
Mon Jul 17 23:13:51 CEST 2006

Peter Farrow wrote:
> Hi There,
> It seems MTU problems abound with VPN over openswan, MTU problems that I 
> didn't get when I ran Freeswan.
> I have to manually set the MTU on all windows 2003 servers and Linux 
> boxes so that they can communicate over the openswan tunnel between sites.
> I am setting it to 1492.  I never had to do this when I ran redhat 9 and 
> freeswan.
> Running Centos 4.3 and open swan after a firewall machine upgrade has 
> introduced these MTU issues.
> Is there a fix, am I doing  something wrong?  The only change has been 
> the upgrade to Centos 4.3 and Openswan....

It seems to me that RH might not have backported some of the MTU fixes 
from around 2.6.12 - I think they related to using the NETKEY code 
rather than KLIPS.

I compiled and installed a stock 2.6.16 kernel on top of Centos 4.3 and 
that aspect of the problem got fixed. There are other problems that 
require better understanding of the differences between the different 
versions as well.
I summarised what I found in a post in early June.


More information about the Users mailing list