[ProgSoc] Getting ipsec-tools to work between Ubuntu Lucid hosts

John Elliot jj5 at jj5.net
Sat Jul 30 15:41:03 EST 2011

On 30/07/2011 2:38 PM, John Elliot wrote:
> So... how can I configure the MSS/MTU being used by IPSec connections?

The answer: use the ip command.

I wrote this [1] script to determine the maximum MSS I could get away 
with using IPSec, and came up with the value 218.

Problem solved! My hosts are now talking to each other encrypted! 
(Although I think that's a terribly small packet size, so I'm probably 
going to have performance issues...)

[1] root at hope:/# cat try
ip route flush
ip route add dev eth0 advmss $1
ssh -vv jj5 at charity.progclub.org

More information about the Progsoc mailing list