[HamWAN PSDR] Metal 5SHPn firmware 6.12 is current (addendum)

Bart Kus me at bartk.us
Sat May 3 23:54:50 PDT 2014


Where "correctly" means "without fragmentation".  The network will 
fragment larger packets and still pass them OK, it's just less 
efficient.  TCP can be hinted to use smaller packets which don't require 
fragmentation, and that's what the MSS settings are about.

--Bart


On 5/3/2014 10:46 PM, Nigel Vander Houwen wrote:
> Dean,
>
> I'll answer both your emails in this one. RE the first email concerning route cache with l2tp tunnels. We saw that and have tested it on Bart's and I's uplink modems and it has not fixed the route cache issue for non-l2tp tunnels, this is confirmed by the forum ports.
>
> The mangle rules are not related to ovpn. The issue is that the uplinks have connections (public ISPs) that limit to an MTU of 1500, and the ipip tunnel with ipsec takes up some of that for the headers, so packets must be mangled to be smaller than that to pass through the uplink nodes to and from the internet correctly.
>
> Nigel
> K7NVH
>
> On May 3, 2014, at 10:04 PM, Dean Gibson AE7Q <hamwan at ae7q.com> wrote:
>
>> Note also:
>>
>> What's new in 6.11 (2014-Mar-20 09:16):
>>
>> *) ...
>> *) ovpn - make bridge mode work with big packets (do not leave extraneous padding);
>>
>> Is this related to the "change-mss" firewall mangling rules in our own setup?
>>
>> _______________________________________________
>> PSDR mailing list
>> PSDR at hamwan.org
>> http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org
>
> _______________________________________________
> PSDR mailing list
> PSDR at hamwan.org
> http://mail.hamwan.org/mailman/listinfo/psdr_hamwan.org





More information about the PSDR mailing list