In a message written on Thu, May 08, 2003 at 11:12:19AM -0400, Jeff McAdams wrote:
An only slightly better hack would be to have the tunnel and/or firewall twiddle the MSS on outgoing TCP connections to compensate for the lower tunnel MTU. Still pretty gross, but won't have as much of an effect on the TCP performance.
I did leave out some details. We tried Cisco code that mucks with MSS, and that part worked but the image had other issues for us. :( Of course, I'm also highly annoyed that you can't raise the MTU on a Cisco tunnel. You can raise the MTU on T1's, so you can add the tunnel overhead, but you can't then raise the MTU of the tunnel itself. In a couple cases we could make it so the tunnel had an MTU of 1500 if we could change it. *sigh* -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org