Subject: Re: packet loss? w/ 1.6[A-D] & IPSEC policy
To: None <email@example.com>
From: Arto Selonen <firstname.lastname@example.org>
Date: 07/22/2002 20:41:56
On Sat, 20 Jul 2002, Arto Selonen wrote:
> Yes, this could well be related to the ep driver issues discussed earlier.
Well, it is not. I don't know what I was thinking/doing when I "checked"
that the problem was asymmetric. Here is the countdown of the facts:
- without IPSEC I can transfer bytes in both directions normally
- with IPSEC enabled transfers to either direction fail for
bigger packets (one end has ep0, the other has ex0); ie. packets
that grow over MTU size due to IPSEC overhead
- with IPSEC policies, but Path MTU Discovery disabled
(sysctl -w net.inet.ip.mtudisc=0) problems disappear
So, my problem is solved. In case others have similar problems:
- is the above expected behavior?
- how should I have learned about it in advance?
- should it be documented better?
#######======------ http://www.selonen.org/arto/ --------========########
Everstinkuja 5 B 35 Don't mind doing it.
FIN-02600 Espoo email@example.com Don't mind not doing it.
Finland tel +358 50 560 4826 Don't know anything about it.