[strongSwan] Limit path MTU of IPsec between hosts
Noel Kuntze
noel at familie-kuntze.de
Fri Aug 22 10:21:45 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello list,
I'm running into some problems with IPsec, because of a low path MTU.
What happens is, that the ESP packets get fragmented by some router on the network path between the hosts.
That stops some websites from loading.
Is there a way to limit the mss that is encapsulated into the ESP packets
and/or cause fragmentation on either of the endpoints?
Regards,
Noel Kuntze
- --
GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJT9v2XAAoJEDg5KY9j7GZYMdgP/2KXs1sXHDw5IAR4w2/39XzD
MnxUhKiSqhd9B1HXhS4BAOi3XuoR4JsuFqePU57joEg2vd4ZF9Z1iGoDYZeywuvL
Bou7VAsYN9sXv2O0Karuw9n+w+wkK+DqGrSk90SzHu66cg9MXWHoWhY8LTlJpuj1
oNNRuLVzGlPx3NIDRQvjxcUtnrQVAzurxhiFRNoo3Fm0TBuRIkuRUNH7hig8/VZL
hBUO03V+p/6HZ6MNHpUrapMG4dAmCEuYwRtLloWuW6N1gcDpmMhhb4pMzWQpU+M6
0uzh/cnRjkbF4qMasn9pyHJNiUK6+ARKqqB7yAlaNttbw4bIyMp879Sa9Qt7HGHJ
6YtLyIf2l/qyFxra6SNhPZfIsCovQSPA4Mh/WRtAsrcUXRRPC89+m2FkJgQju0gT
OSDVOsfmp6AR+/cll+DN9ZOli1uLL6vG+1YYuE4HBCvsVoLeY97tERvgmwh3SbM/
jsrpNqIIq246uW8kQ0sdSHVu4y+rRnLqymxXytfhhAsY0J6WJ9QmXf2gGPSpYspW
FHgQ5tSwxDaAnBvVX8K+ROYmoIgbl40e27mNwDMbYzVIxhViuoVocJGxy6C4uLYV
YBzQmGTSD9pdi7FSIzsT1QpmxpzGYTuX5H8qYBYBL6NX/rcBDq5UdszHYnEEUjny
y7Dk0o3NwQhrC2dVPFA2
=mH1B
-----END PGP SIGNATURE-----
More information about the Users
mailing list