[ale] VPN's
Steve Tynor
tynor at outside.atlanta.twr.com
Tue May 25 13:38:07 EDT 1999
We tried decreasing both the PPP MTU and PPP MRU to 296 bytes (256 bytes
plus 40 bytes header). It had a positive effect, but not much of one.
When the MTU/MRU alone was adjusted, without messing with other PPP
options, the link stayed up a bit longer than normal, and we were able
to retrieve a Web page from our Austin Web site, something which had not
been possible before the MTU change.
If you're not referring to the PPP MTU but the lowest level underlying
transport (ssh's TCP connection itself), no we haven't tried changing
that. (That may require hacking the ssh source code since there's no
command line option).
Steve
Gary Maltzen wrote:
| I would guess that SSH telnet is more reliable because it uses short
| packets. What you may need is a way to decrease the MTU of packets routed
| through the VPN, if that's even possible...
|
| How does a conventional ftp session between Atlanta and Austin compare to
| the same between Atlanta and Canada?
|
| (We're using NT-based Aventail VPN between Minneapolis and Seattle;
| traceroute says we're routed through New York).
|
| -----Original Message-----
| From: Steve Tynor <tynor at outside.atlanta.twr.com>
|
|
| This is exactly what we do (and your guess even happens to match the
| subnet numbers we are using on each subnet :-)).
|
| Only traffic destined from one subnet to the other gets routed through
| the tunnel. That's all happening correctly. The problem is that the
| tunnel itself (10.0.1<->1.0.2) is unreliable.
|
| Steve
|
More information about the Ale
mailing list