Subject: Re: PMTU discovery
To: Nicolas Saurbier <Nicolas.Saurbier@biodata.de>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: netbsd-help
Date: 08/07/2002 21:29:07
On Tue, Aug 06, 2002 at 03:33:51PM +0200, Nicolas Saurbier wrote:
> Hi,
>
> is NetBSD capable of doing a PathMTU Discovery???
yes, see the net.inet.ip.mtudisc sysctl variable.
> As far as I can see from my dump, NetBSD is sending fragmented ESP-Packets...
> Thatīs not a very good solution, because Fragmented ESP-Packets seem to be
> insecure. Even some IPsec gateways drop fragmented ESP-Packets. => problem
> of compatibility. In "man sysctl" iīve seen a flag called "net.inet.ip.mtudisc",
> does that flag activate the PMTU-Discovery???
Yes, set it to one:
sysctl -w net.inet.ip.mtudisc=1
--
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
--