On Wed, 19 Jul 2006, Sebastian Benoit wrote: > This sounds like a MTU problem. Either those sites are blocking
Unlikely. I have cable, not a PPTP/PPPoE link. Therefore, no packet encapsulation. I'm aware of the MTU issue with ADSL. > ICMP-frag-needed messages or you are. I think I am. _Only_ reassemble tcp breaks things, but why? > - set the correct MTU > - check pf.conf for "scrub max-mss [...]" No changes necessary, IMHO. > - google Have done this, of course. Turned up e.g.: http://www.benzedrine.cx/pf/msg07352.html http://monkey.org/openbsd/archive/bugs/0312/msg00059.html Similar problem but no solution. > - why do you use no-df? Because of the NFS issue mentionied in pf.conf(5) and the FAQ. May not be useful on the external interface, though. However, the problem persists even without no-df. Regards, Walter
