Date: Sun, 6 Feb 2011 13:03:40 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-net@freebsd.org, Jason Fesler <jfesler@gigo.com> Subject: Re: MSS rewrite / MSS clamping? Message-ID: <20110206130139.B80258@maildrop.int.zabbadoz.net> In-Reply-To: <4D4E799A.50902@sentex.net> References: <alpine.BSF.2.00.1102052005340.16359@goat.gigo.com> <4D4E799A.50902@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 6 Feb 2011, Mike Tancsa wrote: > On 2/5/2011 11:07 PM, Jason Fesler wrote: >> I'm in search of MSS clamping for FreeBSD servers; in particular, for >> IPv6. I'm finding pretty much nothing (except iptables..) on the net. > > Hi, > I am curious as to where you would be running into MTU issues on IPv6 > where you would need to manually compensate ? Broken tunnel providers ? ICMP is bad and so filtering ICMPv6 must be good? Right? Even vendors selling firewalls do it to their own webserver. MSS clamping is a bad workaround for broken PMTU, and the real answer really is, get the paths fixed! Ther alternative I occactionally do is a destination route with a lower MTU but you cannot go endlessly down with IPv6 as there's the minimum. -- Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110206130139.B80258>