[Openswan Users] mtu problems
paul at xelerance.com
Sun Jan 4 01:51:37 EST 2009
On Sat, 3 Jan 2009, James Muir wrote:
> no. I am using openswan only on my end; the other end is a sonicwall.
> I am not able to set the mtu on the sonicwall.
> Just to recap, after I connect to the sonicwall
> this works: ping -s 1402
> this does not: ping -s 1403
> The larger packet size causes an "icmp fragmentation needed" response.
> the freeswan faq suggests that I should try using the option
> overridemtu= to fix this, but this option is for KLIPS only. Is there
> something that can be done with NETKEY??
> >> incidentally, the KLIPS module fails to build on my machine (kernel
> >> 2.6.24, openswan 2.6.19):
> > try 2.6.20rc1 from testing/
> If there is zero possibility of correcting the mtu size with the NETKEY
> stack, then I will give KLIPS a try. However, my feeling is that it
> should be possible make NETKEY work.
With netkey, you can do something like:
ip route change 22.214.171.124/24 via gwip mtu 1400
in the updown script
More information about the Users