MSS rewrite / MSS clamping?
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Sun Feb 6 13:05:08 UTC 2011
On Sun, 6 Feb 2011, Mike Tancsa wrote:
> On 2/5/2011 11:07 PM, Jason Fesler wrote:
>> I'm in search of MSS clamping for FreeBSD servers; in particular, for
>> IPv6. I'm finding pretty much nothing (except iptables..) on the net.
>
> Hi,
> I am curious as to where you would be running into MTU issues on IPv6
> where you would need to manually compensate ? Broken tunnel providers ?
ICMP is bad and so filtering ICMPv6 must be good? Right? Even
vendors selling firewalls do it to their own webserver.
MSS clamping is a bad workaround for broken PMTU, and the real answer
really is, get the paths fixed!
Ther alternative I occactionally do is a destination route with a
lower MTU but you cannot go endlessly down with IPv6 as there's the
minimum.
--
Bjoern A. Zeeb You have to have visions!
Stop bit received. Insert coin for new address family.
More information about the freebsd-net
mailing list