IPSec transport mode, mtu, fragmentation...
vas at sibptus.ru
Fri Dec 20 18:44:41 UTC 2019
Victor Sudakov wrote:
> I need to figure out why IPsec tunnel mode is always generating ESP
> packets with the DF flag set. Therefore they just don't get through the
> interface and never leave the host.
> I cannot even "scrub out proto 50 no-df" them because they never go
> through any f*cking interface, that's what I think is happening. Don't
> tell me it's by design.
I've created a PR https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=242744
if anyone is interested you are welcome to discuss. Maybe my theory of
what's happening is incorrect.
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 455 bytes
Desc: not available
More information about the freebsd-net