> > 1. Even though I understand that the VPN server adds headers and hence the > need to lower the MTU, I cannot understand why communication stalls when I > talk to CVS in such a situation, and it does not stall with regular > internet > traffic. > > If you are on ethernet, the frame is 1492, take away the ipsec overhead and you are left with 1300 and few tens bytes. 1200 sounds about right if this is the case; you can ofcourse horse around with it and figure what is the maximum MTU you can work with. If you can compute the VPN overhead for your network, this value can be insightful. You should check if the CVS server's network path correctly auto-negotiates the MTU. Maybe your gateways and CVS servers are on different physical layers? Any interpolation issues? Network cards/ drivers may not support MTU scaling. If you peel the onion along these lines, it might answer your question.
Manas _______________________________________ Pune GNU/Linux Users Group Mailing List
