| To: | Mika Penttil? <mika.penttila@xxxxxxxxxxx> |
|---|---|
| Subject: | Re: [15/*] [INET] Fix IPsec calculation in ip_append_data/ip6_append_data |
| From: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
| Date: | Tue, 22 Mar 2005 09:04:40 +1100 |
| Cc: | "David S. Miller" <davem@xxxxxxxxxxxxx>, Alexey Kuznetsov <kuznet@xxxxxxxxxxxxx>, YOSHIFUJI Hideaki <yoshfuji@xxxxxxxxxxxxxx>, Patrick McHardy <kaber@xxxxxxxxx>, netdev@xxxxxxxxxxx |
| In-reply-to: | <423F3CD6.7090109@xxxxxxxxxxx> |
| References: | <20050307103536.GB7137@xxxxxxxxxxxxxxxxxxx> <20050308102741.GA23468@xxxxxxxxxxxxxxxxxxx> <20050314102614.GA9610@xxxxxxxxxxxxxxxxxxx> <20050314105313.GA21001@xxxxxxxxxxxxxxxxxxx> <20050314111002.GA29156@xxxxxxxxxxxxxxxxxxx> <20050315091904.GA6256@xxxxxxxxxxxxxxxxxxx> <20050316113149.GA10960@xxxxxxxxxxxxxxxxxxx> <423EF2CF.7020403@xxxxxxxxxxx> <20050321202804.GA3106@xxxxxxxxxxxxxxxxxxx> <423F3CD6.7090109@xxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.6+20040907i |
On Mon, Mar 21, 2005 at 11:29:58PM +0200, Mika Penttil? wrote: > > ok I see it now, but this is really easy to get wrong... Well the rule is actually quite simple. If IPsec can't be present, then you should always use dst_mtu(dst). If IPsec may be present, then you should also use dst_mtu(dst) *unless* you're performing an operation such as fragmentation that has to be done after IPsec. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt |
| Previous by Date: | Re: [RFC] TCP congestion schedulers, David S. Miller |
|---|---|
| Next by Date: | Re: dummy as IMQ replacement, Andy Furniss |
| Previous by Thread: | Re: [15/*] [INET] Fix IPsec calculation in ip_append_data/ip6_append_data, Mika Penttilä |
| Next by Thread: | Re: [13/*] [IPV4] Fix room calculation in icmp_send, David S. Miller |
| Indexes: | [Date] [Thread] [Top] [All Lists] |