[Openswan Users] Where did routes go with Openswan 2.6.31?

Michael H. Warfield mhw at WittsEnd.com
Mon Mar 14 16:48:24 EDT 2011


On Mon, 2011-03-14 at 13:38 -0400, Paul Wouters wrote: 
> On Mon, 14 Mar 2011, Greg Scott wrote:

> >> I never heard of tunnels crashing because of a bad MTU. I would not know which bug number that could relate to.
> >
> > It goes back to 2006 and version 2.4.something and by now it's ancient history.  One customer was doing a Windows RDP session over an IPSEC tunnel.  I shouldn't have said the tunnel crashed - the RDP session crashed.

> Okay. I'll just take this as a windows bug. If you can reproduce something that can be blamed on
> openswan please get back to us.

It may not be a Windows bug.  It sounds to me more like PMTU discovery
failure.  I've seen it and dealt with it and it affects Windows and
Linux systems and it's not a bug.  It's generally a misconfigured
firewall somewhere that's blocking ICMP that's needed for PMTU
discovery.  I know how to disable it for Linux (for those cases where
you simply can NOT pound some sense into the firewall admins with a
sledge hammer) and there's some way to disable it for Windows but I
don't recall what it is off the top of my head.  It might be something
worth noting in an FAQ somewhere.

> Paul

Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20110314/3c7b5c22/attachment.bin 

More information about the Users mailing list