From: [EMAIL PROTECTED] (Stephen J. Bevan) Date: Thu, 19 Oct 2006 19:18:41 -0700
> Pawel Foremski writes: > > Secondly, IPsec won't decrease MSS in TCP encapsulated in PPPoE > > traffic, for example. > > Various, commercial, IPsec products decrease the MSS for TCP > encapsulated in PPPoE. I've not checked the Linux 2.6 IPsec code to > see if it does or if it can easily be made to. Linux will for local TCP connections over IPSEC transports since it knows the path MTU, for IPSEC gateways the source system will adjust the MSS after it notes via path-MTU what the decreased MTU is. I think this is just a big list of excuses for not using IPSEC as the solution for whatever problem is trying to be solved. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
