barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec

• Previous message (by thread): barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
• Next message (by thread): barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jo Rhett wrote:

> On May 6, 2007, at 6:07 PM, Joe Maimon wrote:
> 
>> Of course, and thats why I have cut down ip mtu and tcp adjust mss  
>> and all the rest.
>> Not making much of a difference.
> 
> 
> Um.. sorry if you mean more than you said, but where did you cut down  
> the TCP MTU?   If you did it on your routers, then you are creating  or 
> at least complementing the problem.

On the CPE dialer interface.

On the ezvpn dvti virtual-template

> 
> The only way to make smaller MTUs work is to alter the MTU on both  the 
> origin and destination systems.  Altering the MTU anywhere along  the 
> path only breaks things.


Lower than 1500 mtu always requires some kind of hack in real life.

That would be the adjust-mss which is the hack-of-choice

• Previous message (by thread): barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
• Next message (by thread): barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]