[Bug 242744] IPSec in transport mode between FreeBSD hosts blackholes TCP traffic

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat Dec 21 08:56:26 UTC 2019


--- Comment #7 from Eugene Grosbein <eugen at freebsd.org> ---
(In reply to Victor Sudakov from comment #5)

> I don't think I can if the packet in question is not received or transmitted
> via any interface (like locally generated ssh-client traffic intercepted
> by IPSec policies).

Any outgoing packet has its destination IP address and it is not changed by
IPSec transport mode. It's possible to perform routing lookup for any reachable
destination IP address to discover transmit MTU and deduce right MSS.

You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-net mailing list