[strongSwan] High latencies
Turbo Fredriksson
turbo at bayour.com
Tue Sep 19 16:25:28 CEST 2017
On 19 Sep 2017, at 15:16, Noel Kuntze <noel.kuntze+strongswan-users-ml at thermi.consulting> wrote:
> Usage of the MSS target in iptables, usage of kernel-netlink.mtu or of MTUs on the routes in the routing tables
root at jumpbox-london:~# iptables-save | grep -i MSS
root at jumpbox-london:~# ip route show
default via 10.110.3.1 dev eth0
10.110.3.0/24 dev eth0 proto kernel scope link src 10.110.3.76
root at jumpbox-london:~# ip route get 10.99.0.174
10.99.0.174 via 10.110.3.1 dev eth0 src 10.110.3.76
cache
“10.99.0.174” is jumpbox-ireland..
> You break PMTU discovery if you don't accept ctstate RELATED or drop ICMP before accepting ctstate RELATED.
No idea what any of that mean! :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170919/686e84c3/attachment.sig>
More information about the Users
mailing list