On Mon, 7 May 2001, Michel Decima wrote:

> Hello everybody
>
> I'm using a linux box with netfilter to masquerade my home LAN
> and I have (very) strange behaviour with some web sites: They
> are not reachable by the masqueraded workstation (but I can read
> them from the firewall). After the browser says 'connected to X'
> the connection stalls. I've checked the ECN feature, and it is
> not compiled in the kernel.

This looks like an MTU problem. You may want to try to lower the MTU on your workstation and see if it works better.

I had the same problem here when I configured my desktop as a firewall. I could access some web sites but not others, ftp dir would work but not getting files, I could get some email but not all. I read that it was because I use both pppoe and masquerading (still ipchains here) because somewhere 8 bytes are added. Once I set the MTU on the masqueraded machines to 1492 (or 1460) it worked fine.

--
Francois Gouget [EMAIL PROTECTED] http://fgouget.free.fr/
Avoid the Gates of Hell - use Linux.

