Albert Lu wrote: > > Hello Group, > > I've had this interesting thing happen with a PIX where tcp > connection for > HTTP was established through it however data does not pass > through > correctly, since there was no HTTP data being sent through. I > noticed that > the MTU for the outside and inside interfaces were different > and changed > them to the default 1500 and things began to work normally. > > Does anyone have any idea why the MTU size would effect HTTP > data eventhough > tcp was established?
Well, the obvious answer is that the packets for TCP connection estabishment are very small, while the actual HTTP data packets are generally much larger, 500 to 1500 bytes or so, depending on the implementation. A TCP SYN, SYN ACK, and ACK on Ethernet would only be about 64 bytes. A generic IP header is 20 bytes, as is a generic TCP header, with no options. Add the Ethernet header, FCS, and padding to get to 64. What were the MTUs set to? Also, having the MTUs different on the inside and outside interfaces could be an issue. The PIX might have to fragment. Does it support that? Would it be disabled by default? Just a few comments to get the conversation going. :-) _______________________________ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com > > Thanks > > Albert > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61499&t=61441 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
