Date: Sun, 6 Feb 2011 13:03:40 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-net@freebsd.org, Jason Fesler <jfesler@gigo.com> Subject: Re: MSS rewrite / MSS clamping? Message-ID: <20110206130139.B80258@maildrop.int.zabbadoz.net> In-Reply-To: <4D4E799A.50902@sentex.net> References: <alpine.BSF.2.00.1102052005340.16359@goat.gigo.com> <4D4E799A.50902@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 6 Feb 2011, Mike Tancsa wrote:
> On 2/5/2011 11:07 PM, Jason Fesler wrote:
>> I'm in search of MSS clamping for FreeBSD servers; in particular, for
>> IPv6. I'm finding pretty much nothing (except iptables..) on the net.
>
> Hi,
> I am curious as to where you would be running into MTU issues on IPv6
> where you would need to manually compensate ? Broken tunnel providers ?
ICMP is bad and so filtering ICMPv6 must be good? Right? Even
vendors selling firewalls do it to their own webserver.
MSS clamping is a bad workaround for broken PMTU, and the real answer
really is, get the paths fixed!
Ther alternative I occactionally do is a destination route with a
lower MTU but you cannot go endlessly down with IPv6 as there's the
minimum.
--
Bjoern A. Zeeb You have to have visions!
Stop bit received. Insert coin for new address family.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110206130139.B80258>