Projecte

General

Perfil

Actions

Característica #149

obert

Clamping the MSS via iptables

Afegit per Simó Albert i Beltran fa més de 12 anys.

Estat:
En progrés
Prioritat:
Urgent
Versió prevista:
-
Inici:
13-05-2012
Data de venciment:
% realitzat:

0%

Temps previst:
Temps invertit:

Descripció

Linux ip stack sends a ICMP Code 3 Type 4 (Fragmentation Needed) packet when one package exceeds the MTU (e.g. the MTU of bmx6 tunnels) and this package has DF (Don't Fragmentation) flag (e.g. SSL-encrypted WWW sites).

Some ISPs block this ICMP Code 3 Type 4 (Fragmentation Needed) packages, then too big packages with DF (Don't Fragmentation) flag sent by servers never reach to clients. QMP needs to change MSS value in TCP negotiation time.

See also #148 and http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/mtu-issues.html

Please, can you clamp the MSS via iptables when detects a gateway.

Actions

També disponible a: Atom PDF