On 03/07/11 08:28, Arie Skliarouk wrote:
> Hi,
>
> On Sun, Jul 3, 2011 at 08:02, shimi <linux...@shimi.net> wrote:
>
>     If you want, prior to calling them, to combat them with their own
>     weapon, thankfully there's a UDP protocol that probably no ISP
>     would want to degrade; Try switching to port 53 :-)
>
>
> I think that would not work as I observe frequent name server errors
> at exactly the same periods (I am using Google's free DNS servers 8.8.8.8
> and 8.8.4.4). Hmm, need to switch to the local DNS servers...

If that's the case, then your implied accusation, that they are treating traffic differently based on protocol, might actually be false. Have you tried big ping packets (size > 100)? You can send them using "ping -s 256".

If that's the case, then it's "business as usual", and TCP packets probably have the exact same problems. As for why communication over the VPN seems slower - it might be that you have not lowered the MTU of connections going over the VPN link. If that's the case, packets get fragmented, and a single TCP packet turns into two UDP packets. If that happens, the chances of a drop are doubled, which means that the chances of a retransmission are doubled too.

Try to make sure that the MTU of the TUN interface is lower than the MTU of the actual interface where packets are really sent (ppp0?), and that there is a firewall rule to squash the MSS to the MTU.

Shachar

--
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com
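The MTU and MSS arithmetic behind the advice above, as an added example that is not part of the original message: it only prints the `ip` and `iptables` commands, it does not run them. The 1492-byte MTU on ppp0, the tun0 device name and the 69 bytes of encapsulation overhead are assumptions; substitute the values of your own link and VPN.

```shell
#!/bin/sh
# Added example, not from the original message. Dry run: prints commands only.
# Assumed values: 1492-byte MTU on ppp0 (PPPoE), tun0 as the tunnel device,
# and 41 bytes of VPN header on top of outer IPv4 (20) + UDP (8) = 69.

# Largest inner packet that still fits in one outer datagram.
tun_mtu() {   # tun_mtu OUTER_MTU OVERHEAD
    echo $(( $1 - $2 ))
}

# TCP MSS for a given MTU: subtract the IPv4 (20) and TCP (20) headers.
tcp_mss() {   # tcp_mss MTU
    echo $(( $1 - 40 ))
}

# Number of IP fragments the outer datagram is split into on the real link.
outer_fragments() {   # outer_fragments INNER_LEN OUTER_MTU OVERHEAD
    total=$(( $1 + $3 ))                 # outer IP total length
    if [ "$total" -le "$2" ]; then echo 1; return; fi
    payload=$(( total - 20 ))            # everything after the outer IP header
    cap=$(( ($2 - 20) / 8 * 8 ))         # fragment payload is a multiple of 8
    echo $(( (payload + cap - 1) / cap ))
}

# Print the settings for one tunnel.
plan() {      # plan OUTER_IF OUTER_MTU TUN_IF OVERHEAD
    mtu=$(tun_mtu "$2" "$4")
    mss=$(tcp_mss "$mtu")
    echo "# $1 MTU $2, overhead $4: 1500-byte inner packet -> $(outer_fragments 1500 "$2" "$4") fragments"
    echo "ip link set dev $3 mtu $mtu"
    echo "iptables -t mangle -A FORWARD -o $3 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $mss"
}

plan ppp0 1492 tun0 69
```

The FORWARD rule covers traffic routed through the VPN host; TCP connections originated on the host itself already derive their MSS from the tun0 MTU.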