[Openswan Users] openswan vs freeswan

Paul Wouters paul at xelerance.com
Mon Mar 27 17:21:12 CEST 2006

On Mon, 27 Mar 2006, Massimo Mazzoldi wrote:

> Now I just turned it off with fragicmp=0;
> from man ipsec.conf
> ________
> fragicmp
> whether a tunnel's need to fragment a packet should be reported back with an
> ICMP message, in an attempt  to  make  the sender lower his PMTU estimate;
> acceptable values are yes (the default) and no.
> _________
> and now it seems working right.... and actually better... since no
> fragmentation error is returned...
> has anyone experience on how to handle my problem?

There was a bug in KLIPS that triggered this, and the fragicmp is a workaround
for that bug. The bug has been fixed though, so for the 2.4.5rcX it should
not longer be needed.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list