eoip icon indicating copy to clipboard operation
eoip copied to clipboard

Published 20 hours ago verified publisher icon bbonev

clear DF bit on tunnel traffic

Open deeiche opened this issue 1 year ago • 2 comments

On Mikrotik you can clear Do not Fragment flag with a mangle rule, https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle , clear-df - clear 'Do Not Fragment' Flag . OpenBSD also has support for this in it's implementation of EOIP.

Can you remove DF flag on traffic going through the EOIP tunnel?

deeiche avatar Dec 14 '23 19:12 deeiche

If I am not misunderstanding, you can do the same on Linux with iptables in the mangle table

bbonev avatar Dec 14 '23 20:12 bbonev

I have not been able to find iptable mangle table example to clear DF bit for specific traffic traversing EOIP tunnel.

deeiche avatar Dec 14 '23 22:12 deeiche