Re: Kernel panic with pptpd when mss > mtu

From: Menno Smits (menno@netbox.biz)
Date: Thu May 22 2003 - 00:10:24 EST

Next message: Dima Brodsky: "2.5.69 doesn't boot"
Previous message: Peter T. Breuer: "Re: recursive spinlocks. Shoot."
In reply to: Menno Smits: "Re: Kernel panic with pptpd when mss > mtu"
Next in thread: Zdenek SUTR Kaminski: "Re: Kernel panic with pptpd when mss > mtu"
Reply: Zdenek SUTR Kaminski: "Re: Kernel panic with pptpd when mss > mtu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Grab the latest ftp://ftp.samba.org/pub/unpacked/ppp which corrects both
> > of the above problems.
>
> I'll try this and let you know how I go.

Works beautifully, once I'd figured out the correct pppd options to
pass. Thank you.

Curiously I couldn't get the server and client to use MS-CHAPv2 or
MPPE unless the "require-mschap-v2" and "require-mppe" options were
provided. I assumed the client and server would negotiate at the
'highest' common authentication and encryption level. Instead I found
I had to include these two options or else standard CHAP with no
encryption was used (or the connection failed totally if Windows was
told to _require_ encryption or MS-CHAP).

Some other observations:

- pptp connections seem more reliable now. Previously it could take
  several attempts before a PPTP connection could be established
  (particularly from Win98?). This seems to be fixed with this
  MPPE/MS-CHAP implementation or perhaps its something else in 2.4.2.
  Either way, good stuff!

- If I load the netfilter pptp connection tracking modules on the PPTP
server I can't connect at all from Win98. Win2k works fine. Will
test other clients soon. Lots of the following from poptop:

GRE: xmit failed from decaps_hdlc: Operation not permitted

  ...even with no firewall rules active. Unload the conntrack modules
  it works fine. Strange! Previously, with the third party MPPE
  patches connection attempts were less reliable with the conntrack
  modules loaded but were workable. This is probably out of the scope
  of our discussion but any thoughts welcome :)

Its great to have MPPE and MS-CHAPv2 support in the main pppd dist
now... one less patch to worry about. Hopefully the MPPE kernel patch
will make it to the mainline kernel soon too.

Thanks for your help,
Menno
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dima Brodsky: "2.5.69 doesn't boot"
Previous message: Peter T. Breuer: "Re: recursive spinlocks. Shoot."
In reply to: Menno Smits: "Re: Kernel panic with pptpd when mss > mtu"
Next in thread: Zdenek SUTR Kaminski: "Re: Kernel panic with pptpd when mss > mtu"
Reply: Zdenek SUTR Kaminski: "Re: Kernel panic with pptpd when mss > mtu"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri May 23 2003 - 22:00:47 EST