gif tunnel mtu problem - changing mss not an option

From: c0g (c0gwp.pl)
Date: Tue Jul 01 2003 - 16:20:22 CDT


Hi!
I've made a gif tunnel (protected by IPSec) between two OpenBSD boxes.

                          tunnel
client ---- rl0-OBSD-gif0 ======= gif0-OBSD-rl0 --- internet -- server

The MTU of the tunnel is smaller than 1500. When the server transmits big
packets to the client, they don't fit in the tunnel, so the OBSD box sends icmp
need to frag. Some servers are broken and drop this kind of icmp
packet. This is the well-known mss-mtu issue - it can be repaired by the
"change mss to fit mtu" hack on the router box.
But I think that, in my setup, it is not optimal. I want to maximize
usage of my internet connection, so I want to transmit and receive
packets as big as possible = 1500 bytes. Changing mss will increase the
number of small packets. A larger number of packets means that there is
more "signalization" data bound to each packet, so there is less room
for the data that these packets carry. So fragmentation (only between tunnel
endpoints which are under my control) sounds better in my opinion.

Is there any way to tell the OpenBSD kernel to fragment too-big packets
going through the tunnel instead of sending icmp need to frag? To make the tunnel
transparent?

Thanks in advance!

--
c0gwp.pl