Hello All,

The info in Documentation/proc.txt for the ip_always_defrag sysctl variable states that: "never ever say Y here for a normal router or host."

For a router, the possibility of not all fragments being routed through the same router(s) is a clear reason for this statement. However, why is this option ruled out for a host which is a simple endpoint for IP-traffic?

My interest is mainly because enabling the option would simplify the IPCHAINS rules required to provide packet filtering of selected services on a web server host. Is there a performance reason for not enabling the option or is there another rationale?

Any info appreciated.

Many thanks,
James Griffiths

- : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu