From: [EMAIL PROTECTED] (Stephen J. Bevan) Date: Fri, 20 Oct 2006 19:17:42 -0700
> path-MTU gets interesting[1] in the context of an an IPsec gateway > (i.e. tunnel mode IPsec) and there is definitely variability as to how > reliably an ICMP will be returned in the case that the MTU is exceeded > somewhere between the two endpoints. Throw in port/protocol based > selectors[2] or IPv4(IPv6) traffic encrypted with an IPv6(IPv4) > header[3] and the chances of success go down. Yes, this has been discussed to death here previosly. It can be made more reliable, the fact that most of the implementations suck (to some extent including Linux's) should not deter us trying to make it work as reliably as possible. I just think that this ethernet level crypto talk is a complete waste of time, there are much better things to concentrate on in my opinion. :-) - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
