>> Here's my layout: >> >> laptop+shorewall (MTU:1500) -> hotel router (MTU:?) -> internet -> >> Westell modem/router (MTU:1492) -> desktop+shorewall (MTU:1500) >> >> Shouldn't PMTUD change the desktop's MTU to 1492? > > Your desktop's PMTUD will get an ICMP response from Westell as it tries to > traverse through it and it will adjust the outgoing packet size accordingly. > > Ditto with your laptop, when it tries to establish a connection with your > desktop. > > >> Is the fact that it >> doesn't due to a flaw in the Westell's operation? Should I manually >> change the desktop's MTU to 1492 along with that of other systems on >> its LAN? > > It won't harm if you do. However, we don't know for a *fact* that the Westell > is not returning the appropriate ICMP packets (Type 3, Code 4) to your laptop, > or your desktop. > > You can use tcpdump to see what's being sent back and forth.
Ah, so PMTUD doesn't actually change the setting reported by ifconfig. It's done on-the-fly. >> > If you are using Shorewall at your remote server I would expect it to >> > behave properly and return the correct ICMP packet when it receives a >> > DF. However, I am not familiar with the Shorewall properties and >> > settings, so if you suspect this as the cause of your problem it would >> > be better if you look into it properly. >> >> So I'm sure I understand, this doesn't apply if ICMP is dropped at the >> Westell? > > ICMP echo request may be dropped by Westell's firewall, but ICMP Type 3, Code > 4 could well be returned when a TCP connection is being initiated by your > laptop. I don't know how ham-fisted Westell's firewall settings are. > > Meanwhile, stating the obvious, have you tried using the desktop squid proxy > while you are inside your LAN with the same laptop to see if the problem > remains? That's a fine idea and I will do so once I get back there. Thanks for the education Mick. :) - Grant