IPSec session stalls
Jeremie Le Hen
jeremie at le-hen.org
Tue Oct 25 06:58:40 PDT 2005
> Not sure: what you described in your first mail also looks like a
> "basic" fragmentation problem, which can be easily solved by
> decreasing MTU on traffic endpoints (you can also play with TCPMSS on
> one gate, but this will only solve TCP problems...).
>
> The pf interaction may only be a side effect of a fragmentation
> problem.
Hi also have problems with my IPSec tunnel. IIRC from tests that I made,
this is a Path MTU Discovery problem.
I described a similar problem here, but never succeeded to resolve it,
unfortunately. Note that I didn't use pf.
It is described here :
http://lists.freebsd.org/pipermail/freebsd-net/2005-July/007899.html
Regards,
--
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
More information about the freebsd-net
mailing list