Or how set dont fragment (fragment) + iptables?

328.28.00 <(E-Mail Removed)> wrote:
> anybody know ?

If you're using IPTables you don't need to worry about this, but if
you're using 2.2 or earlier kernel, then I suggest you see the ipchains
howto.

http://www.tldp.org/HOWTO/IPCHAINS-HOWTO.html

Its possible to configure the kernel to always defragment using the
option 'IP: always defragment', but only if your box is the only
possible route for these packets. (Taken from the HOWTO)

You should be able to echo 1 into one of the files in
/proc/sys/net/ipv4/ipfrag_*

--
Cameron Kerr
(E-Mail Removed) : http://nzgeeks.org/cameron/
Empowered by Perl!

anybody know ?

R,
--

e.mail use: http://myemail.notlong.com gg:328.28.00

328.28.00 <(E-Mail Removed)> wrote:

> ipfrag_high_thresh (value:262144)
> ipfrag_low_thresh (value:196608
> ipfrag_secret_interval (value:600)
> ipfrag_time (value:30)
>
>
> whitch one ? i use kernel: 2.4.22

Then I don't think you need to worry about it.

--
Cameron Kerr
(E-Mail Removed) : http://nzgeeks.org/cameron/
Empowered by Perl!

U¿ytkownik Cameron Kerr napisa³:

[...]

#ls -al

ipfrag_high_thresh (value:262144)
ipfrag_low_thresh (value:196608
ipfrag_secret_interval (value:600)
ipfrag_time (value:30)


whitch one ? i use kernel: 2.4.22

R,
--

e.mail use: http://myemail.notlong.com gg:328.28.00

U¿ytkownik Cameron Kerr napisa³:

[...]

but Dear Cameron i need remove flags DF

R,
--

e.mail use: http://myemail.notlong.com gg:328.28.00

328.28.00 <(E-Mail Removed)> wrote:
> U¿ytkownik Cameron Kerr napisa³:

> [...]

> but Dear Cameron i need remove flags DF

You can't remove the DF flag, only set or clear it.

I think this will clear it and allow fragmentation:

echo -n 1 > /proc/sys/net/ipv4/ip_no_pmtu_disc

--
Clifford Kite Email: "echo xvgr_yvahk-(E-Mail Removed)|rot13"
PPP-Q&A links, downloads: http://ckite.no-ip.net/

U¿ytkownik Clifford Kite napisa³:

[...]

o am i ... wrrr you are right ! V. Thx.

R,
--

e.mail use: http://myemail.notlong.com gg:328.28.00