<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: CIPE 1.5.4 & Kernels >= 2.4.19
From: Tomas Westin <tech,AT,space2u,DOT,com>
Date: Mon, 2 Dec 2002 19:33:20 +0100


We've been experiencing problems with cipe 1.5.4 and kernels >= 2.4.19
in the following setup

[CIPE Linux #1] <---CIPE VPN---> [CIPE Linux #2]

Where CIPE Linux #2 masquerades the transit adress (192.168.x.x) for CIPE
Linux #1 towards the LAN, this works fine as long as CIPE Linux #2 runs
kernel 2.4.18 or below, when upgraded to 2.4.19 or higher connections that
generate more data than just very small amounts hangs.

I.e an interactive SSH session works fine as long as you dont for example
cat a large file, if compression is used with ssh it reduces the risks of
the connection being terminated, etc etc.

If the route through the VPN is setup with a MSS of 400 instead of Linux's
default 40 things also looks ok (limited testing, seems like curing the
symptom rather than the disease)

This seems to only occur on the masquerading end, the CIPE Linux #1
machine can run >= 2.4.19 without any problems, as long as CIPE Linux #2
runs 2.4.18 or below

Has anyone experienced anything similar with these kernels versions and
masquerading? Or has any advice? (which would be greatly appreciated)

regards Tomas

<< | Thread Index | >> ]    [ << | Date Index | >> ]