Is there a way to force IP packet fragmentation before they go into tun0 and then force reassemble them on the other side of tun device?
I have some IPSec traffic that I can not control, and it wants 1500 MTU and just gets dropped at the tun device.
I guess it might be possible to encapsulate the traffic into TCP stream, then reassemble the stream back to packets – but it is definitely not how it should work due to various reasons. So I am wondering if there is a way to force fragmentation and reassembly for at least some matched packets at OS level in linux?
Best Answer
Have you tried
where xxx is whatever you deem appropriate?
EDIT:
you may want to take a look at this: this guy has a problem similar to yours,
The refs to his code are dead, but you can try writing him, avl@strace.net.