[strongSwan] How to force DF bit in IPsec packets

T Cheung tccheung1 at gmail.com
Tue Jul 23 23:22:00 CEST 2013


I read that there used to be an "overridemtu" option in ipsec.conf used by
Strongswan does not provide such an option.  This seems to have something
to do with
setting of the DF bit.  Right now my ping packets all have DF bit set when
it is 1300 or
below, but the DF bit is always clear when it exceeds 1400.  Is there
anyway to
force all packets to set the DF bit regardless of the packet size?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130723/109dcdc0/attachment.html>

More information about the Users mailing list