Hi
Fallow this webpage:
http://www.ipsec-howto.org/x304.html
free bsd is similar to linux
Thanks,
--Venkatesh �
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freeb
Bjoern A. Zeeb wrote:
On Wed, 15 Nov 2006, Tom Judge wrote:
I'll handle this.
From your patch I assume you are on RELENG_6. In HEAD that part had
been re-written already.
I have to check if the entire code path could be MFCed or just your
change needs to be applied but it'll has to wait until
On Wed, 15 Nov 2006, Tom Judge wrote:
Hi,
I have been looking into some problems with PMTU Discovery when routing
packets over IPSec (gif) tunnels, I have submitted the details to the open PR
I'll handle this.
From your patch I assume you are on RELENG_6. In HEAD that part had
been re-writ
I have been looking into some problems with PMTU Discovery when routing
packets over IPSec (gif) tunnels, I have submitted the details to the
open PR kern/91412 but have had no response as to whether my patch is
the correct solution to the problem.
The problem occurs when sys/netinet/ip_input.
Dave Preece wrote:
>
> > > Just learning about this: I can see the advantages but does
> > anything use it?
> >
> > Sure, TCP uses it.
> >
> > TCP (at least in FreeBSD) sets the "don't frag" bit on all
> > its outgoing
> > packets.
>
> Good lord, so it does. Mental note, packet sniff before post
> > > Just learning about this: I can see the advantages but does
> > anything use it?
> >
> > Sure, TCP uses it.
> >
> So... thinking about what this means for firewalls and natd. If we block all
> incoming ICMP's across the firewall
The moral of the story is don't block *ALL* incoming ICMP's
And fbsd will respond to other's queries depending on interface mtus only
be careful if you are running natd. This copies the interface mtu on
startup but does not learn the new value if it is reduced either manually
or automatically. It can therefore respond with a to a query with a
value
On Thu, Jun 08, 2000 at 07:21:57PM +1200, Dave Preece wrote:
> So... thinking about what this means for firewalls and natd. If we block all
> incoming ICMP's across the firewall, it is quite possible that a server
> behind the firewall could completely fail to send packets to a client on a
>
> > Just learning about this: I can see the advantages but does
> anything use it?
>
> Sure, TCP uses it.
>
> TCP (at least in FreeBSD) sets the "don't frag" bit on all
> its outgoing
> packets.
Good lord, so it does. Mental note, packet sniff before posting in future.
So... thinking about
On Thu, Jun 08, 2000 at 18:03:45 +1200, Dave Preece wrote:
> Just learning about this: I can see the advantages but does anything use it?
Sure, TCP uses it.
TCP (at least in FreeBSD) sets the "don't frag" bit on all its outgoing
packets.
If the packet gets to a router with an outgoing MTU that
Just learning about this: I can see the advantages but does anything use it?
Dave :)
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
11 matches
Mail list logo
