Dear List, I have a GRE tunnel setup between a debian linux/zebra router at my co-lo and my home office. This allows me to have a /27 without coughing up $7/IP to the local cable monopoly. There are no other broadband IP options available. My problem is I can't raise the MTU on the intermediate links over which the tunneled packets must travel, thus the MTU of my GRE tunnel is less than 1500. Many popular Internet sites, including paypal, hotmail, portions of Yahoo, and my beloved friendster, have utterly broken Path MTU Detection. The problem is wide-spread, and I don't think these sites are going to correct their problem or disable PMTUd on their servers, load balancers, and whatnot. Cisco routers have the ability to fragment and reassemble IP packets traversing GRE tunnels in order to effectively increase the tunnel MTU. The command syntax is e.g. `ip mtu 1500` in interface configuration. Is similar functionality available on linux? If not, can someone with iptables clue give me an example of how to disable the IP Don't-Fragment bit on ip packets that are being routed to my tunnel, allowing them to be fragmented even though the transmitting TCP stack has set DF? Kind thanks, -- Jeff S Wheeler <jsw@five-elements.com>
Attachment:
signature.asc
Description: This is a digitally signed message part