I was wondering if there was a way to increase the allowed ping size
over a m0n0 to m0n0 ipsec vpn. The reason is as follows:
When running a M$ based network with a central location and numerous
satellite locations, you may encounter a rather nasty problem.
Windows 2000's method for locating a domain controller is not
exactly flawless. When a workstation checks connectivity with the DC
it first uses a normal icmp ping. If the normal ping succeeds it
then tests the connection speed with an oversized ping.
Specifically the size is 2048k* which puts the total packet size
over 2k due to headers. This isn't a problem when you are on a
local network with nothing between you and the DC but a switch.
However, if you are at a satellite location and you must traverse a
VPN to speak to the DC there may be trouble. This functionality is
designed to prevent ye-old ping flood among other things. Because
of this behavior workstations at satellite sites succeed with the
first normal ping but fail on the oversized one.
Any help would be appreciated.