I am having trouble with IP forwarding to specific sites on a very
typical configuration. The router itself can access these sites but
clients can not. I have looked in obvious places on the clients, but I
cannot find a cause. I reinstalled OpenBSD on the router after getting
SSL errors where SSL s
On Mon, Sep 30, 2013 at 11:18:55PM +1000, John Tate wrote:
> I am having trouble with IP forwarding to specific sites on a very
> typical configuration. The router itself can access these sites but
> clients can not. I have looked in obvious places on the clients, but I
> cannot find a cause. I rei
Quoting John Tate :
I am having trouble with IP forwarding to specific sites on a very
typical configuration. The router itself can access these sites but
clients can not. I have looked in obvious places on the clients, but I
cannot find a cause. I reinstalled OpenBSD on the router after getting
Hi,
Le 30/09/2013 15:41, Vijay Sankar a écrit :
> Quoting John Tate :
>> I can ping www.google.com.au and load the page in lynx from the router
>> but not from other machines. Whereas I can use gmail like I am at the
>> moment fine. This is a very, very strange bug I am experiencing.
>>
I would
On 2013-09-30 08:18, John Tate wrote:
I am having trouble with IP forwarding to specific sites on a very
typical configuration. The router itself can access these sites but
clients can not. I have looked in obvious places on the clients, but I
cannot find a cause. I reinstalled OpenBSD on the rou
It would help if you told me how to do this...
# ifconfig pppoe max-mms 1400
ifconfig: max-mms: bad value
# ifconfig pppoe0 max-mms 1440
ifconfig: max-mms: bad value
On Mon, Sep 30, 2013 at 11:53 PM, James Shupe wrote:
> On 2013-09-30 08:18, John Tate wrote:
>>
>> I am having trouble with IP for
Found it:
While pppoe(8) has an internal option, ``mssfixup'', which is enabled by
default and takes care of this, pppoe users have to rely on other
methods. Using a packet filter, the maximum segment size (MSS) can be
set (clamped) to the required value. The following rule in pf.conf(5)
would se
This part of the manual is out of date and the syntax does not work
with pf in OpenBSD 5.3:
While pppoe(8) has an internal option, ``mssfixup'', which is enabled by
default and takes care of this, pppoe users have to rely on other
methods. Using a packet filter, the maximum segment size (MSS) can
On 2013-09-30 11:12, John Tate wrote:
This part of the manual is out of date and the syntax does not work
with pf in OpenBSD 5.3:
While pppoe(8) has an internal option, ``mssfixup'', which is enabled
by
default and takes care of this, pppoe users have to rely on other
methods. Using a packet
Well max-mss doesn't seem to help I can still only access gmail and
not google.com.au. Also it has become suddenly selective after months
with no problem so I wonder if this is the default these days. Still
problems.
On Tue, Oct 1, 2013 at 2:02 AM, James Shupe wrote:
> On 2013-09-30 10:58, John T
On Tue, Oct 1, 2013 at 2:29 AM, Luis Coronado wrote:
> set reassemble yes no-df
>
> I tried using match and scrub rules without luck, but the 'reassemble yes
> no-df' solved my problems with the GRE tunnels we use among networks.
>
> Just make sure you dont have set skip on pppoe0
>
> -luis
Just t
Things are working fine from another one of my computers, it must be
something to do with the computer I'm using. Sorry about that
everyone.
On Tue, Oct 1, 2013 at 2:48 AM, John Tate wrote:
> Yeah I am using my lan not the wlan. I've not got to even seeing if
> the wlan even works yet, though it
It worked for a while but since rebooting my router now none of my
computers work to access google.com, gmail.com works. Many other sites
are not working, it is very frustrating.
Clients on the wireless also don't work, it is the same problem. I can
ping all the sites I can't access the problem ap
Quoting John Tate :
It worked for a while but since rebooting my router now none of my
computers work to access google.com, gmail.com works. Many other sites
are not working, it is very frustrating.
Clients on the wireless also don't work, it is the same problem. I can
ping all the sites I can'
set reassemble yes no-df
match in on pppoe0 scrub (max-mss 1440 no-df reassemble tcp)
"match in on"? You need to match both directions.
Also, stop top posting.
--
James Shupe
> Since starting the thread I have changed my pf.conf on advice of other
> users to have these lines...
> set reassemble yes no-df
> match in on pppoe0 scrub (max-mss 1440 no-df reassemble tcp)
>
> Any more ideas?
I have a similar problem here, and I still doesn't found the solution,
but maybe y
I've done this, now Google works, but Facebook is still not working
and probably some other sites.
On Tue, Oct 1, 2013 at 3:34 AM, Luis Coronado wrote:
> if you keep set reassemble yes no-df you can (must?) remove the match in on
> pppoe0 scrut (max-mss 1440 no-df reassemble tcp)
>
> -luis
>
>
>
Looks like I just had to remove the match line and just use "set
reassemble yes no-df" and restart my interfaces on clients. Everything
appears to work now.
Still amazes me this wasn't a problem for months.
On Tue, Oct 1, 2013 at 4:34 AM, John Tate wrote:
> I've done this, now Google works, but
Alright at the moment things are mostly working but I've found I can't
access Google Plus and Facebook never finishes loading, though at
least now it loads a bit. Connections like ssh generally seem to be
staying open. Is there something unusual about Facebook that anyone
knows about?
--
www.joh
Try just "match on pppoe0 scrub (max-mss 1400 no-df)" and remove the
reassemble line.
--
James Shupe
On 2013-09-30, Denis Fondras wrote:
> I would have thought of a MTU problem at first but being able to use
> Gmail might prove me wrong.
no, google tend to limit MSS anyway.
Less worked last night using that than when using "set reassemble yes no-df"
Now it isn't working again and what you suggest doesn't seem to work
either. Though gmail still works.
There must be something else wrong.
On Tue, Oct 1, 2013 at 6:15 AM, James Shupe wrote:
> Try just "match on pppoe
Actually "match on pppoe0 scrub (max-mss 1400 no-df)" seems to also
work I had 1440 entered in. Though Facebook doesn't finish loading
still, and sometimes things don't work. So as I said, something else
must be wrong.
On Tue, Oct 1, 2013 at 10:13 AM, John Tate wrote:
> Less worked last night usi
Did some reading, my ISP seems to require a specific not default mtu
of 1454. Facebook actually finishes loading now, things might be okay.
On Tue, Oct 1, 2013 at 10:29 AM, John Tate wrote:
> Actually "match on pppoe0 scrub (max-mss 1400 no-df)" seems to also
> work I had 1440 entered in. Thoug
John Tate [j...@johntate.org] wrote:
> It would help if you told me how to do this...
Fuck your whining.
* John Tate [2013-09-30 20:34]:
> but Facebook is still not working
that's a feature.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consul
26 matches
Mail list logo
