[Swan] protostack=mast
Paul Wouters
pwouters at redhat.com
Thu Mar 21 02:48:04 EET 2013
On Wed, 20 Mar 2013, Pavel Kopchyk wrote:
> As I said before, I'm trying to setup libreswan 3.1 on CentOS 6.4 with
> SAref support.
>
> Another problem was found:
> 23: mast0: <NOARP> mtu 0 qdisc noop state DOWN qlen 10
> link/[65534]
Ah yes, we only checked mtu for ipsec0, not mast0. Try this patch?
diff --git a/programs/_stackmanager/_stackmanager.in
b/programs/_stackmanager/_stackmanager.in
index eb2cf30..36ae9e4 100644
--- a/programs/_stackmanager/_stackmanager.in
+++ b/programs/_stackmanager/_stackmanager.in
@@ -261,6 +261,15 @@ startklips() {
# PAUL: We tell in the man page for ipsec.conf protostack= that
# the user should do this
+ # Double check the mtu is not 0
+ # if it is set it to a saner default
+ ip link show dev $virt | grep -q 'mtu 0 '
+ RETVAL=$?
+ if [ "$RETVAL" -eq 0 ]; then
+ echo "Fixup of mtu on $virt to 16260" >&2
+ ip link set mtu 16260 dev $virt
+ fi
+
elif [ $stack = "klips" ]; then
# in klips mode we attach it to the physical device
# clear tables out in case dregs have been left over
More information about the Swan
mailing list