[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSec Standard - No Flow Control?
To all:
The complete trace files are available via anonymous ftp from:
ftp://vega.dnsalias.net/outgoing
There are 4 files. Here is a description:
trusted1.cap.zip - Sniffer Pro format of trusted(LAN) side of VPN (approx
6000 frames)
trusted1.prn.zip - ASCII dump of above trace (Only includes first 1500
frames, which should cover everything)
untrusted1.cap.zip - Sniffer Pro format of untrusted (Internet) side of
VPN (approx 5000 frames)
untrusted1.prn.zip - ASCII dump of above trace (Once again, only 1500
frames)
Hope this is enough information.
BTW, one host in the transfer is set to 1400 MTU to keep fragmentation
down.
Thanks,
Rett Walters
|--------+----------------------------->
| | Bill Sommerfeld |
| | <sommerfeld@east.su|
| | n.com> |
| | Sent by: |
| | sommerfeld@thunk.ea|
| | st.sun.com |
| | |
| | |
| | 07/24/2001 12:51 PM|
| | Please respond to |
| | sommerfeld |
| | |
|--------+----------------------------->
>------------------------------------------------------------------------------------------------------------------------|
| |
| To: Rett_Walters@payless.com |
| cc: |
| Subject: Re: IPSec Standard - No Flow Control? |
>------------------------------------------------------------------------------------------------------------------------|
Two comments:
- The trace you sent me doesn't include the TCP connection
establishment (SYN / SYN+ACK packets); those contain MSS options, and
I wanted to see what the negotiated MSS values were...
- If you want more help debugging this, put new traces (showing both
the connection setup and the connection lag) on an anonymous FTP or
web site somewhere and send the URL's to the ipsec list.
- Bill