> I'm trying to understand why I can't access a host from my NAT network.

> -SNIP- <

> I thought my firewall must be blocking. I enabled logging of dropped
> packets but still didn't see what wasn't working.
> So I disabled it and now have a very basic masquerading setup -- no dropping (shown below). NAT is working from my internal laptop:

If you are able to connect to other sites from the internal network, and only have problems with this site (or maybe just a few others), I would suspect ECN is set on your NAT box. Check /proc/sys/net/ipv4/tcp_ecn and see if it is set to something other than 0 (zero).
This is a "feature" in the 2.4.X kernels that isn't universally recognized among the routers on the Internet, and causes some sites to be mysteriously inaccessible. This option is usually selected at kernel compile time. I "think" you can change it on the fly by echoing a zero to this file... but I am not sure. You might want to search the archives on the keyword "ecn" .... I am sure it has been discussed here before.
Cheers, -Don Spoon-
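
One way to confirm from a packet capture whether connection attempts are requesting ECN, as an added example that is not part of the original message: per RFC 3168, an ECN-setup SYN carries both the ECE and CWR TCP flags, and an ECN-setup SYN-ACK carries ECE only. The packet bytes, addresses and function names below are constructed for illustration.

```python
import struct

# TCP flag bits (byte 13 of the TCP header); ECE and CWR come from RFC 3168.
FIN, SYN, RST, PSH, ACK, URG, ECE, CWR = (1 << i for i in range(8))

def tcp_flags(packet: bytes) -> int:
    """Return the TCP flags byte of a raw IPv4 packet (no link-layer header)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes
    if packet[9] != 6:
        raise ValueError("not a TCP segment")
    if ihl < 20 or len(packet) < ihl + 20:
        raise ValueError("truncated header")
    return packet[ihl + 13]

def classify(packet: bytes) -> str:
    """Label a handshake packet by whether it negotiates ECN."""
    flags = tcp_flags(packet)
    if not flags & SYN:
        return "other"
    if flags & ACK:                        # SYN-ACK: ECE set, CWR clear
        ecn = bool(flags & ECE) and not flags & CWR
        return "ecn-setup SYN-ACK" if ecn else "plain SYN-ACK"
    ecn = bool(flags & ECE) and bool(flags & CWR)
    return "ecn-setup SYN" if ecn else "plain SYN"

def sample_packet(flags: int) -> bytes:
    """Constructed IPv4+TCP headers (documentation addresses, zero checksums)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, flags, 65535, 0, 0)
    return ip + tcp

def count_ecn_syns(packets) -> int:
    """How many outgoing connection attempts in a capture asked for ECN."""
    return sum(classify(p) == "ecn-setup SYN" for p in packets)

if __name__ == "__main__":
    capture = [sample_packet(SYN | ECE | CWR), sample_packet(SYN),
               sample_packet(SYN | ACK | ECE), sample_packet(ACK)]
    for pkt in capture:
        print(classify(pkt))
    print("ECN-setup SYNs:", count_ecn_syns(capture))
```

ECN-setup SYNs that are retransmitted and never answered, while plain SYNs to the same destination succeed, are the pattern consistent with the ECN explanation given above.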