[Openswan Users] openswan vs freeswan

Paul Wouters paul at xelerance.com
Mon Mar 27 17:21:12 CEST 2006


On Mon, 27 Mar 2006, Massimo Mazzoldi wrote:

> Now I just turned it off with fragicmp=0;
>
> from man ipsec.conf
> ________
> fragicmp
> whether a tunnel's need to fragment a packet should be reported back with an
> ICMP message, in an attempt  to  make  the sender lower his PMTU estimate;
> acceptable values are yes (the default) and no.
> _________
>
> and now it seems working right.... and actually better... since no
> fragmentation error is returned...
>
> has anyone experience on how to handle my problem?

There was a bug in KLIPS that triggered this, and the fragicmp is a workaround
for that bug. The bug has been fixed though, so for the 2.4.5rcX it should
not longer be needed.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list