[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question on TCP MSS with repsect to IPSEC

To: Phil Karn <karn@qualcomm.com>
Subject: Re: Question on TCP MSS with repsect to IPSEC
From: Naganand Doraswamy <naganand@ftp.com>
Date: Thu, 01 Aug 1996 09:17:47 -0400
Cc: adams@tgv.com, ipsec@TIS.COM
Sender: ipsec-approval@neptune.tis.com

Phil,

>The best you can really hope for is Path MTU support on the sending
>TCP that will respond appropriately to ICMP messages from an IPSEC
>tunnel endpoint that knows what its next hop interface MTU is after
>being adjusted for IPSEC overhead.
>

Doesnt the ICMP message indicate the datagram size (IP Header + data) that
it can send? This being the case, the router or tunnel end point may not
take into account the overhead of IPSEC, correct?

In this scenario, it will be upto the host sending the IPSEC traffic to
adjust the tcp data size.

Thanks,

--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)684-6743 (O)

Follow-Ups:

Re: Question on TCP MSS with repsect to IPSEC

From: Phil Karn <karn@unix.ka9q.ampr.org>

Prev by Date: Re: Question on TCP MSS with repsect to IPSEC
Next by Date: Re: Question on TCP MSS with repsect to IPSEC
Prev by thread: Re: Question on TCP MSS with repsect to IPSEC
Next by thread: Re: Question on TCP MSS with repsect to IPSEC
Index(es):
- Main
- Thread