On Sun, Aug 5, 2012 at 9:24 AM, David Walker <davidianwal...@gmail.com> wrote: > Daniel Melameth <daniel () melameth ! com> wrote: >> When using pppoe(4), MSS can be a problem. I recommend you read the >> MTU/MSS ISSUES section of the man page and see if that resolves your >> issue. > > I have read and tried.
What have you tried? > As far as I can see there's an issue with incoming packets. > AFAIUI, MSS will limit the size of outgoing. TCP negotiates MSS so a TCP session will never have an MSS higher than what one side can accept. > I'd like to know the relationship between that and path MTU and what I > see as the apparent default block on ICMP in pf ... > Sending packets is one thing but if a distant host is unable to > determine the MTU for the next hop (to me) via ICMP then there's a > problem right? There is no default block of ICMP. As a matter of fact, unlike some other poor firewall implementations that break PMTU (and this might be what you are experiencing with some hosts), you cannot configure pf to block ICMP for an existing state. > Does setting MSS on PPP and therefore MTU affect this? Setting a max-mss via pf has little to do with ICMP. > Do I need to explicitly allow ICMP to enable this behaviour? No--see above.
