[strongSwan] Limit path MTU of IPsec between hosts

Tobias Brunner tobias at strongswan.org
Fri Aug 22 10:29:32 CEST 2014

Hi Noel,

> Is there a way to limit the mss that is encapsulated into the ESP packets
> and/or cause fragmentation on either of the endpoints?

You can do so via iptables [1] or the patches at [2].


[1] http://lartc.org/howto/lartc.cookbook.mtu-mss.html
[2] https://wiki.strongswan.org/issues/632#note-14

More information about the Users mailing list