[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Stalled connections [LONG]



On Thu, 2004-09-30 at 04:55, Martin Lexa wrote:
> # Normalization: reassemble fragments and resolve or reduce traffic
> ambiguities.# scrub in all
> scrub in on $ext_if all no-df
> scrub out on $ext_if all no-df random-id max-mss 1440
> scrub in on enc0 all no-df
> scrub out on enc0 all no-df
> scrub in on $int_if all no-df
> scrub out on $int_if all no-df random-id
have you tried lower max-mss values than 1440?  you're cutting it pretty
close there (1500 - 20 - 40).  i know it makes mathematical sense in
theory; but in reality, i've always had to ratchet my WiFi over IPSec
traffic down to an MTU of 1350-1370 (MSS of 1310-1330) to eliminate
"stalls."
just a thought.
-j
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
These days the necessities of life cost you about three times what they
used to, and half the time they aren't even fit to drink.
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~