[Openswan Users] pmtu / df-bit problem
Marek Greško
gresko at thr.sk
Wed Aug 20 05:09:11 EDT 2008
Hello,
I have a strange problem with my provider. Instead of application of PMTU
discovery he clears the DF bit of packets and fragments it.
When I receive two fragments they get silently dropped. I was thinking it is
because some ESP checksum get wrong because of DF-bit change of my provider.
But he states, that outer IP header is not a part of ICV, and it looks like
he is right.
Could somebody, please, give me an advice on this issue?
What is it. A firewall bug? Netkey bug?
When I use different provider who implements PMTU discovery, everything works
OK.
Thank you.
M.
--
Marek Greško
More information about the Users
mailing list