I think I'm seeing weirdness with the MTU (or more likely, Path MTU Discovery) across a GB-Flash<->GB1000 VPN.
>From either end to the Internet at large seems fine, with an MTU of 1500 not being fragmented (using an ICMP ping with a 1472 byte payload). The same test across the VPN gives me a payload of 1410 bytes, the difference presumably being IPsec overhead. But the weird bit is that I'm not getting the "must-fragment" errors; the packets are just being silently dropped. Can anyone point me in the direction of what I should be checking...? Specifically, what ICMP filters I should be using, and applied to which interfaces (preferably not on the VPN?)? Ta, -- Phil Dye, Technical Manager A L C H E M Y D I G I T A L Tel: +44 (0)23 8060 4080 http://www.alchemydigital.com/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
