[elrepo-devel] ip6t_TCPMSS is missing in kernel

David Ranch elrepo at trinnet.net
Mon Jul 18 12:17:13 EDT 2011 

Hello Michael,

 From what I've read, Redhat's EL 6.0 wasn't a very good initial release 
from them and a lot of things were broken.  I don't know the details but 
I encourage you to research it.  I've also read from the Centos team 
that they do NOT recommend upgrading from Centos 5.x to 6.x.  That's 
unfortunate and the usual mantra from the Redhat camp where as this 
issue has been long solved by the Debian/Ubuntu crown.  Grrr...

I hope that v6.1 was a significant cleanup for RHEL and if true, maybe 
you should wait a few more weeks (assuming they get it out in time) and 
try the Centos 6.1 release.  Otherwise, it shouldn't be too hard to find 
an updated Iptables rpm (or roll your own) for Centos 5 but at that 
point, it's up to you to keep your iptables code updated for security 
patches, etc.

Good luck!
--David

> Hi,
>
> Thank you David and Akemi.
>
> I will try to update the iptables first on my test system and than want to think about the upgrade to CentOs 6.
>
> Best regards,
> Michel
>
> On Sun, 17 Jul 2011 10:23:31 -0700, Akemi Yagi wrote:
>
>> On Sun, Jul 17, 2011 at 9:55 AM, David Ranch <elrepo at trinnet.net <mailto:elrepo at trinnet.net>> wrote:
>>> Hello Michael, You are running ip6tables v1.3.5 but MSS clamping 
>>> wasn't added until 1.3.8.  Do a search for "mss" in the changelog 
>>> and you'll find it:     
>>> http://ftp.netfilter.org/pub/iptables/changes-iptables-1.3.8.txt The 
>>> current stable version of iptables and ip6tables is 1.4.11. --David
>> Ah, so Phil's guess was right.
>>
>> RHEL/CentOS/SL-6 has iptables-1.4.7-3.el6. Also the el6 kernel has the
>> xt_TCPMSS(ip6t_TCPMSS) module. If upgrading to the el6 OS is the
>> option for you, Michel, that would be the easiest solution.
>>
>> Akemi
>> _______________________________________________
>> elrepo-devel mailing list
>> elrepo-devel at lists.elrepo.org <mailto:elrepo-devel at lists.elrepo.org>
>> http://lists.elrepo.org/mailman/listinfo/elrepo-devel
>>
>>     
>
>  
>
> -- 
> Check out my website: http://michel.foto-logs.nl
> ------------------------------------------------------------------------
>
> _______________________________________________
> elrepo-devel mailing list
> elrepo-devel at lists.elrepo.org
> http://lists.elrepo.org/mailman/listinfo/elrepo-devel
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.elrepo.org/pipermail/elrepo-devel/attachments/20110718/676c16cc/attachment.html>

More information about the elrepo-devel mailing list