On June 21, 2004 09:50 am, Andrew Miehs wrote: > tried that... But that seemed just to disable PMTU Discovery, and not > disbale the 'DF' bit... (After the traffic between myself and the server > via a CIPE tunnel stopped working when the packets got tooo large) > - Or is there a bug in packet fragmentation in the linux kernel?
Hmmm, I did try it hear and my outgoing packets lacked the DF bit as soon as I made that change. Replies are up to the other side of the connection so they may or may not set DF as far as I can tell. If large packets are being blocked then there is definitely a bug, whether it's in the Linux kernel (doubtful), cipe, your firewall (?) or in an upstream router is impossible for me to tell. My bet would be that someone is blocking icmp messages (you, your firewall, your ISP?). There's a really good explanation of PMTU at http://www.netheaven.com/pmtu.html that should explain all that for you. As someone else suggested you can lower the MTU and probably get around the problem but it would be better to try and figure out which router is blocking your PMTU attempts ... play with the -M option to ping (at least in iputils-ping from testing). Of course I've never used CIPE so I may be totally off base. -- Fraser Campbell <[EMAIL PROTECTED]> http://www.wehave.net/ Georgetown, Ontario, Canada Debian GNU/Linux -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
