[Openswan Users] Where did routes go with Openswan 2.6.31?
Michael H. Warfield
mhw at WittsEnd.com
Mon Mar 14 16:48:24 EDT 2011
On Mon, 2011-03-14 at 13:38 -0400, Paul Wouters wrote:
> On Mon, 14 Mar 2011, Greg Scott wrote:
> >> I never heard of tunnels crashing because of a bad MTU. I would not know which bug number that could relate to.
> > It goes back to 2006 and version 2.4.something and by now it's ancient history. One customer was doing a Windows RDP session over an IPSEC tunnel. I shouldn't have said the tunnel crashed - the RDP session crashed.
> Okay. I'll just take this as a windows bug. If you can reproduce something that can be blamed on
> openswan please get back to us.
It may not be a Windows bug. It sounds to me more like PMTU discovery
failure. I've seen it and dealt with it and it affects Windows and
Linux systems and it's not a bug. It's generally a misconfigured
firewall somewhere that's blocking ICMP that's needed for PMTU
discovery. I know how to disable it for Linux (for those cases where
you simply can NOT pound some sense into the firewall admins with a
sledge hammer) and there's some way to disable it for Windows but I
don't recall what it is off the top of my head. It might be something
worth noting in an FAQ somewhere.
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://lists.openswan.org/pipermail/users/attachments/20110314/3c7b5c22/attachment.bin
More information about the Users