Re: IPSEC transport mode w/2.2.x kernels and large packets

Andi Kleen (ak@muc.de)
Sat, 7 Aug 1999 12:52:20 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Frank van Maarseveen: "Re: RPC and more than 16-groups..."
Previous message: Alan Cox: "Re: IPSEC transport mode w/2.2.x kernels and large packets"
In reply to: Frank van Maarseveen: "Re: HZ ethernet question"

On Sat, Aug 07, 1999 at 12:29:20PM +0200, Alan Cox wrote:
> > > Typo - routes
> > Hmm, shifting state to people who shouldn't need to know.
>
> Shifting policy to userspace and the daemons involved. Which is where it should
> be. The whole point of the mss option originally was to allow users to drop
> the MSS of a path for better performance.

Hmm. mss routing table attribute is only used by local TCP connections.
With a tunnel the TCP connections are not local, they originate from some
other host (which has no idea about ipsec). How would this other host know
about the MSS you set in the routing table ?

(with shifting state I meant it would need to move to all the tunnel
using hosts, which is of course impossible. It has to be done dynamically.)

-Andi

-- This is like TV. I don't like TV.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Frank van Maarseveen: "Re: RPC and more than 16-groups..."
Previous message: Alan Cox: "Re: IPSEC transport mode w/2.2.x kernels and large packets"
In reply to: Frank van Maarseveen: "Re: HZ ethernet question"