Hello All,
The info in Documentation/proc.txt for the
ip_always_defrag sysctl variable states that :
"never ever say Y here for a normal router or host."
For a router, the possibility of not all fragments
being routed through the same router(s) is a clear
reason for this statement. However, why is this option
ruled out for a host which is a simple endpoint for
IP-traffic ?
My interest is mainly because enabling the option
would simplify the IPCHAINS rules required to
provide packet filtering of selected services on
a web server host.
Is there a performance reason for not enabling the
option or is there another rationale ?
Any info appreciated.
Many thanks,
James Griffiths
__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
