On 6/26/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> This is not a m0n0wall problem. MTU path discovery is supposed to be done
> at the client.
From a lot of digging into this, in this particular circumstance that
isn't true. PMTUD seems to work relatively well in Windows, when it's
implemented properly. m0n0wall + anything that encapsulates things
(PPTP, IPsec) just doesn't send back the required "frag needed but DF
bit set" ICMP message that makes PMTUD work. If m0n0wall actually
sent that and there were still issues, then yeah it's a client
problem. But I've pored through numerous capture files, purposely
creating this issue, and have yet to see a single "frag needed but DF
bit set" ICMP message from m0n0wall.
I haven't had time to really dig into this in FreeBSD 6.x yet, but I
know from experience that it's improved in this regard though still
has some issues.