"This target is used to overcome criminally braindead ISPs or servers which block ICMP Fragmentation Needed packets. The symptoms of this problem are that everything works fine from your Linux firewall/router, but machines behind it can never exchange large packets:
1) Web browsers connect, then hang with no data received.
2) Small mail works fine, but large emails hang.
3) ssh works fine, but scp hangs after initial handshaking."
Even if it was in the man page, I probably wouldn't have found it until some time cuz I didn't have any idea where to look (given the seemingly esoteric nature of the problem). Thanks again!
-Paul Patrick Prantilla
Edel SM wrote:
if youre on a ppp link, i think this will help:
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -o <ppp_interface> -j TCPMSS -clamp-mss-to-pmtu
--edel
On Mon, 06 Dec 2004 08:11:16 +0800, Paul Patrick Carpio Prantilla <[EMAIL PROTECTED]> wrote:
Orlando Andico wrote: > perhaps this is similar to the yahoo login problem experienced by > users of squid. i think it has something to do with the "do not > defragment" bit in the TCP header. i assume you mean web login. i > assume yahoo messenger logins still work as advertised. >
Hello,
Thanks. The network in concern uses PLDTs DSL. I don't use squid though, so if squid is the culprit...it would probably be on PLDTs side. I'll try to look in to it some more. Btw, yup...I mean having problems with the web login. Yahoo messenger logins still work perfectly.
I've just observed some puzzling behaviour since my last post however. Using the linux box as a router with the kernel that had some stripped down networking options, some of the clients were in fact able to login to mail.yahoo.com, however they were not able to logout. After a few hours however, they were not able to anymore.
Using a windows PC as a gateway/router causes no problems however. All the nodes in the small network are able to login any site at all. The inconsistency of it all is quite boggling. I still can't shake the feeling however that it may be due to some network option configuration in my new kernel since the problems started exactly after upgrading to 2.4.28.
-Paul Patrick Carpio Prantilla
================================== The statement below is false. The statement above is true. ================================== -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
-- ================================== Paul Patrick Carpio Prantilla
University of the Philippines Computer Science Graduate Student ================================== -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
