Hi!

On Mon, 29 Mar 2004, Thor Lancelot Simon wrote:

> On Mon, Mar 29, 2004 at 09:11:21PM +0300, Arto Selonen wrote:
> >
> > The transport mode IPSEC-tunnel uses 10/8 addresses internally, so there
>
> Try again.  It's either transport mode or tunnel mode, but it's not
> both.   And for fragmentation issues, it matters.

My bad. It's transport mode. I just always think of them as tunnels.
For a more complete description of the setup, see:

	http://mail-index.netbsd.org/current-users/2002/07/20/0008.html

The problem was somewhat similar: a "large" packet causes problems due to
fragmentation issues, and it turned out to be a bug in header size
calculations:

	http://mail-index.netbsd.org/source-changes/2002/09/04/0056.html


Artsi
-- 
#######======------  http://www.selonen.org/arto/  --------========########
Everstinkuja 5 B 35                               Don't mind doing it.
FIN-02600 Espoo        arto@selonen.org         Don't mind not doing it.
Finland              tel +358 50 560 4826     Don't know anything about it.