Return-Path: <jered@MIT.EDU>
Received: from fort-point-station.mit.edu by po12.mit.edu (8.9.2/4.7) id JAA20194; Mon, 12 Mar 2001 09:19:51 -0500 (EST)
Received: from fucking-lunatic.grey17.org (IDENT:somebody@fucking-lunatic.grey17.org [4.255.0.40]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id JAA28719 for <tunnel-users@mit.edu>; Mon, 12 Mar 2001 09:19:35 -0500 (EST)
Received: (from jered@localhost) by fucking-lunatic.grey17.org (8.8.8/8.8.8) id JAA22176; Mon, 12 Mar 2001 09:19:30 -0500
To: tunnel-users@mit.edu
Subject: Linux endpoint MSS rewriting
References: <p05100a40b6d222158022@[18.101.0.199]>
From: Jered Floyd <jered@MIT.EDU>
Date: 12 Mar 2001 09:19:29 -0500
In-Reply-To: Miro Jurisic's message of "Mon, 12 Mar 2001 01:50:40 -0500"
Message-ID: <s56bsr7hxxq.fsf@fucking-lunatic.grey17.org>
Lines: 12
X-Mailer: Gnus v5.6.45/XEmacs 21.1 - "Arches"
X-Evolution: 000000c3-0000


I didn't realize this list existed.  Since it does, I figure it would
be helpful for me to announce my port of marc's MSS-rewriting patch to
Linux. It can be found in /mit/jered/src/linux-msslimit.

This is a patch into the IP firewalling code for Linux 2.2.  It
creates a magic chain called 'msslimit' which will rewrite the MSS in
any TCP SYN packets to be smaller by the size of an IPIP header.  This
solves the problem of path-MTU black holes without having to
reconfigure the MTU on all your internal machines.

--Jered