source: npl/internetserver/poptop_ppp/patches/mppe_lower_mtu.diff @ 0105685

gcc484ntopperl-5.22
Last change on this file since 0105685 was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago

initial commit, transferred from cleaned syn3 svn tree
  • Property mode set to 100644
File size: 2.5 KB

  • ppp-2.4.3/pppd/ccp.c

     
    6767 */
    6868#ifdef MPPE
    6969bool refuse_mppe_stateful = 1;          /* Allow stateful mode? */
     70bool mppe_lower_mtu = 1; /* Set to 0 to disable dropping the MTU by 4 */
    7071#endif
    7172
    7273static option_t ccp_option_list[] = {
     
    156157      "allow MPPE stateful mode", OPT_PRIO },
    157158    { "nomppe-stateful", o_bool, &refuse_mppe_stateful,
    158159      "disallow MPPE stateful mode", OPT_PRIO | 1 },
     160   
     161    /* Option to avoid lowering our MTU by 4 (as should be done) to avoid
     162     * breakage with devices that don't handle PMTUD
     163     */
     164    { "mppe-lower-mtu", o_bool, &mppe_lower_mtu,
     165      "lower the MTU by 4 bytes for MPPE connections", OPT_PRIO | 1 },
     166    { "nomppe-lower-mtu", o_bool, &mppe_lower_mtu,
     167      "don't lower the MTU by 4 bytes for MPPE connections", OPT_PRIO },
     168
    159169#endif /* MPPE */
    160170
    161171    { NULL }
     
    11851195                     * allocate MPPE_PAD extra bytes in xmit buffers.
    11861196                     */
    11871197                    mtu = netif_get_mtu(f->unit);
    1188                     if (mtu)
    1189                         netif_set_mtu(f->unit, mtu - MPPE_PAD);
    1190                     else
     1198                    if (mtu) {
     1199                        /* Dropping the MTU seems to break Path MTU discovery
     1200                         * particularly where load-balancers are involved.
     1201                         * Not dropping the MTU may mean the occasional packet
     1202                         * goes unencrypted due to them being 4 bytes larger
     1203                         * and CCP thinking it's not worth encrypting.
     1204                         */
     1205                        if (mppe_lower_mtu)
     1206                            netif_set_mtu(f->unit, mtu - MPPE_PAD);
     1207                    } else
    11911208                        newret = CONFREJ;
    11921209                }
    11931210

  • ppp-2.4.3/pppd/pppd.8

     
    622622Enables the use of PPP multilink; this is an alias for the `multilink'
    623623option.  This option is currently only available under Linux.
    624624.TP
     625.B mppe\-lower\-mtu
     626Lowers the MTU by 4 bytes for MPPE connections. This is the correct
     627behaviour but breaks accessing some sites. This is the default.
     628.TP
    625629.B mppe\-stateful
    626630Allow MPPE to use stateful mode.  Stateless mode is still attempted first.
    627631The default is to disallow stateful mode. 
     
    766770.B nomppe\-128
    767771Disable 128-bit encryption with MPPE.
    768772.TP
     773.TP
     774.B nomppe\-lower\-mtu
     775Disables lowering the MTU by 4 bytes for MPPE connections. This is sometimes
     776required to access servers behind load balancing devices that break Path
     777MTU Discovery.
    769778.B nomppe\-stateful
    770779Disable MPPE stateful mode.  This is the default.
    771780.TP
Note: See TracBrowser for help on using the repository browser.