Date: Wed, 25 Dec 2019 23:49:32 +0700 From: Victor Sudakov <vas@sibptus.ru> To: freebsd-net@freebsd.org Subject: Re: IPSec transport mode, mtu, fragmentation... Message-ID: <20191225164932.GA11670@admin.sibptus.ru> In-Reply-To: <35fd51d5-c171-c97c-5bb2-529912d75844@grosbein.net> References: <20191220152314.GA55278@admin.sibptus.ru> <f38d1f3c-dc47-0776-29f9-2151b05e09b0@tuxpowered.net> <20191220160357.GB56081@admin.sibptus.ru> <20191220162233.GA56815@admin.sibptus.ru> <55eeca4c-9633-339a-f521-b0db462cc1d6@yandex.ru> <20191223100655.GA41651@admin.sibptus.ru> <3edbc7ad-a760-48c7-3222-202d7a835fe5@yandex.ru> <35fd51d5-c171-c97c-5bb2-529912d75844@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--WIyZ46R2i8wDzkSu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Eugene Grosbein wrote: >=20 > I think we could just clear DF bit off encapsulated transport mode packet= s unconditionally, > please take a look at last chunk of sample patch in the PR 242744: > https://bz-attachments.freebsd.org/attachment.cgi?id=3D210122 >=20 > Sample patch creates another sysctl but we should do it unconditionally, = don't we? The more I think of it, the more I feel that the idea of removing the DF flag from ESP packets is incorrect. Because in IPv6, there is no flag to remove. If an IPv6 packet was not fragmented by the originator, there is nothing to be done in transit. --=20 Victor Sudakov, VAS4-RIPE, VAS47-RIPN 2:5005/49@fidonet http://vas.tomsk.ru/ --WIyZ46R2i8wDzkSu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJeA5McAAoJEA2k8lmbXsY0TU0IAJvLjZX5Fa79Un5XRRj2X1wu kqW5RFg05I94sskURZtMpJUcFP46jkV4v5JBIR5NvEl8Bz3ILd9lgz+Tw1JZjCEx Oo7IZnv9pFsRsmPDaKFqTwPpb8OCzU7olW4ypSFQ1Gr0/nD/9lGfrhxl91R42WPK YJNS7G8cdBA0CY8SX+ysI9k1kIZjO2BvncGLbs8wklVXiWOnQpaZ1pFbj4f6Liae DkiQRR/nDSKXoCobe3X+13QxVaFRCeoyVUbPtE/VQKqWlLc2eSll/6Jjno6tZZWI vh4lFAiSOfGKzB4UpRtAm6bBLPIhpuTOmqldFqcix+YgRSzmbgTgSMuyWe+WPOs= =RsQB -----END PGP SIGNATURE----- --WIyZ46R2i8wDzkSu--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20191225164932.GA11670>