On Saturday 11 Jan 2014 09:03:16 the wrote: > Also > "Besides MTU, there is yet another way to set the maximum packet size, > the so called Maximum Segment Size. This is a field in the TCP Options > part of a SYN packet." > > Does this mean that even with this iptables rule I'll have problems > with udp packets?
If you are using VPN with UDP encapsulation then yes, I would expect that you could have problems with some endpoint routers. That's why I suggested to set the MTU at your interface to a smaller size. That should apply at any protocol that is going out of the given interface, including UDP. I was trying to connect to a VPN gateway once on a router that used PPPoE to authenticate with the ISP's ADSL service. Although it would connect to the gateway - I couldn't use the tunnel which was just hanging there doing nothing (black hole symptom). This did my head in, until I reduced the MTU using ifconfig and the problem was immediately resolved. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
