The problem: when this router/firewall was hooked to the client's DSL modem using PPPoE, some web sites would load and some wouldn't, but pings (with default settings) would get through just fine. When hooked to a non-PPPoE cable modem, there was no problem at all.
The solution: As several people suggested, PPPoE overhead meant that the MTU setting on the client PC had to be adjusted downward. Per David Shipman's suggestion, I played with non-fragmenting ping packets of various sizes and was able to find the correct MTU value with very little fuss. (As it happened, the correct figure was 1432.) Things still weren't even close to optimal, so I played with with a few other paramters and found that the RWIN setting also needed to be decreased. The dslreports.com "tweak tests" saved a lot of time here, but it was as nothing compared to the boost I got from the MTU suggestions that put me on this path in the first place. Many thanks to all who responded! The thing that held me up here was the counterintuitive notion that a general setting like the MTU would have such a disparate effect on different web sites. I assume that it only ran counter to my intuition because my intuition isn't educated enough yet. Perhaps the web pages that came through fine even with the 'bad' MTU were on servers that somehow signaled a more appropriate MTU setting to the client, or were more suitable for MTU discovery by the client? -Lauren _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
