"'Mark Smith'" <mark.smith,AT,avcosystems,DOT,co,DOT,uk>,<cipe-l,AT,inka,DOT,de>|
RE: CIPE-Win32: communication breakdown|
"Michael Clarke" <mclarke,AT,timetra,DOT,com>|
Tue, 17 Jun 2003 11:11:24 +0100|
I'm not an expert on the linux implementation, but I don't think that
the ICMP can't fragment messages received as a result of CIPE sending
out an encrypted UDP frame with DF=1 are passed back to the originating
I am more familiar with the CIPE-Win32 implementation, and that doesn't
appear to copy the DF bit into the outgoing UDP frames and so would need
more work to make TCP PMTU-D work.
From: owner-cipe-l,AT,inka,DOT,de [mailto:owner-cipe-l,AT,inka,DOT,de On
Sent: 17 June 2003 09:55
Subject: RE: CIPE-Win32: communication breakdown
> I've confirmed this to be a problem at our site when
> communicating either
> between Win32 and linux or linux and linux. What I don't
> understand is why
> the clamp mss seems to fix the problem. There don't appear
> to be any blocks
> that'll prevent the ICMP replies to TCP DF requests, so MTU should be
> negotiated correctly, and thus MSS. Can someone explain to
> me, or point to
> an explanation, as to why the clamp is needed?
> As for Win32, I've found no such fix. The Win32 machines
> simply do not
> work, and I don't have control over all of them in order to
> drop MTU. I
> need another solution, and I'm sure there must be something out there.
> More information needed...
Anyone had any thoughts on this?
Mark Smith - Avco Systems Ltd
Tel: +44 (0)1784 430996 Fax: +44 (0)1784 431078
Message sent by the cipe-l,AT,inka,DOT,de mailing list.
Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive: