subject:"\[Kernel\-packages\] \[Bug 2049993\] Re\: tcp has MSS=1460, but TLSv1.3 payload is overshooting maximum segment size"

[Kernel-packages] [Bug 2049993] Re: tcp has MSS=1460, but TLSv1.3 payload is overshooting maximum segment size

2024-01-21 Thread Bernhard Riegler

I have a stateless firewall (nft) which drops ip.len>1500 input ethernet frames. therefore you see TCP flow control with resend data. filter the wireshark trace with "ip.len>1500" all the input ethernet frames (destination ipv4 10.0.0.2) seen in wireshark trace are dropped in nft filter hook

[Kernel-packages] [Bug 2049993] Re: tcp has MSS=1460, but TLSv1.3 payload is overshooting maximum segment size

2024-01-20 Thread Bernhard Riegler

** Attachment added: "snapcraft_tcp_over_MSS.pcapng" https://bugs.launchpad.net/ubuntu/+source/linux-hwe-6.5/+bug/2049993/+attachment/5741126/+files/snapcraft_tcp_over_MSS.pcapng -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to