VPN MTU limit breaks ssh connection to openssh 6.2p2 server

Alex Bligh alex at alex.org.uk
Sat Nov 9 03:11:05 EST 2013


On 8 Nov 2013, at 15:26, Ernst Kratschmer wrote:

> If I understand Darren correctly, he is concerned that the packet 
> fragmentation causes fragments to get dropped. From my debug, I can see 
> that the 1460 byte packet gets split into two packets exactly as expected 
> from the MTU limit.

Run a ping with DF set across your tunnel and sweep the packet size. This
should stop working at one particular packet size.

Now run a ping without DF set across your tunnel and repeat. This should
work for all packet sizes. I bet one particular size fails. This will be
breaking pMTU discovery.

-- 
Alex Bligh
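
The sweep described in the message above, as an added example that is not part of the original post. It assumes Linux iputils ping (-M do sets DF, -M dont clears it); the function names and the PROBE hook are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes Linux iputils ping,
# where -M do sets DF and -M dont clears it. All function names are hypothetical.

# icmp_probe MODE SIZE HOST: succeed if one echo with SIZE payload bytes is answered.
icmp_probe() {
    ping -M "$1" -s "$2" -c 1 -W 1 "$3" >/dev/null 2>&1
}
# PROBE can be pointed at a stub so the sweep logic can be exercised offline.
PROBE=${PROBE:-icmp_probe}

# df_cutoff HOST LO HI: largest payload answered with DF set.
# Binary search; assumes LO passes and that DF failures are monotonic in size.
df_cutoff() {
    dc_lo=$2; dc_hi=$3
    while [ "$dc_lo" -lt "$dc_hi" ]; do
        dc_mid=$(( (dc_lo + dc_hi + 1) / 2 ))
        if "$PROBE" do "$dc_mid" "$1"; then dc_lo=$dc_mid; else dc_hi=$((dc_mid - 1)); fi
    done
    echo "$dc_lo"
}

# failing_sizes MODE HOST LO HI: every payload size in LO..HI that got no reply.
# Linear on purpose: a single bad size in the DF-clear run is what we are hunting.
failing_sizes() {
    fs_out=""; fs_size=$3
    while [ "$fs_size" -le "$4" ]; do
        "$PROBE" "$1" "$fs_size" "$2" || fs_out="$fs_out $fs_size"
        fs_size=$((fs_size + 1))
    done
    echo "${fs_out# }"
}

# report HOST LO HI: run both sweeps and summarise.
report() {
    r_cut=$(df_cutoff "$1" "$2" "$3")
    r_bad=$(failing_sizes dont "$1" "$2" "$3")
    # +28 = 20-byte IPv4 header without options + 8-byte ICMP header.
    echo "DF set:   largest payload answered = $r_cut (path MTU about $((r_cut + 28)))"
    echo "DF clear: sizes with no reply      = ${r_bad:-none}"
}

# Usage: sh sweep.sh HOST [LO] [HI]   (payload sizes in bytes)
if [ -n "${1:-}" ]; then
    report "$1" "${2:-1200}" "${3:-1472}"
fi
```

Any size listed on the "DF clear" line is a size that fragmentation should have carried but did not.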