DF (Don't frag) issues
Matthew Sullivan
matthew at uq.edu.au
Mon May 2 14:44:27 PDT 2005
Andre Oppermann wrote:
> I'm at loss for an explanation. I've recreated approximatly the same
> setup with the gif tunnel (but no IPSec) and it works just fine for me.
> Getting correct MTU back and everything.
>
> What is your IPSec setup? Could it be that you do the IPSec on the IP
> packet first before it goes into the gif tunnel instead of the other
> way around? That may explain this behaviour.
>
You're quite welcome to take a look - this is the first time up for me
with FreeBSD, ipf/ipfw/pf and VPNs - to date I have used iptables and
FreeSWAN on Linux (settled on pf).
Setup scripts for the tunnel are at:
http://scorpion.sorbs.net/ICMP/ipsec-stealth.sh.txt (this is the VPN
server)
http://scorpion.sorbs.net/ICMP/ipsec-oblivion.sh.txt (this is my home
machine where the mulitple nets are)
Regards,
--
Matthew Sullivan
Specialist Systems Programmer
Information Technology Services
The University of Queensland
More information about the freebsd-current
mailing list