I had a similar problem here on my LAN. I use IP-Masquerading to allow me to share the same modem-link with my other computers, and the MTU on my ethernet based LAN was 1500. It was also 1500 between my ISP and gateway computer, but since the kernel has to add a few bytes to the packet to perform the NAT, I was always sending out fragmented packets.
If your gateway-to-ISP MTU is 1460, I would suggest dropping the MTU on your LAN to around 1400. I can't remember the exact size of the data the kernel adds, but I don't think it was more than 60 bytes. Of course, this assumes that you are using IP-Masq. You should be able to change the MTU of your ethernet interfaces by adding an MTU=???? line to the /etc/sysconfig/network-scripts/ifcfg-eth? script(s). Then you need to do something like /etc/init.d/network restart If that doesn't work (you can tell by running 'ifconfig') it's probably due to a bug in the network config scripts (there one was talked about on this list, but I don't know if they fixed it in the most recent updates). If the MTU didn't change, you can do what I did: put lines like these in your /etc/rc.d/rc.local script /sbin/ifconfig eth0 mtu 1400 Hope this helps, Ben On Thu, Nov 15, 2001 at 06:37:22AM -0500, Glenn Henshaw wrote: > I have a problem with my RH7.1 box that acts as a PPP dial up gateway. > > The setup is as follows. The Linux box is set up to do PPP on > demand through a modem for several computers on my home network. It > runs a firewall, DNS, and file services for the network. > > A few months ago, following a change at my ISP, http access to some > sites stopped working. After a few days and some long web searches, I > found that the MTU size on the PPP link was smaller than that on the > ethernet (570 and 1500 respectively). Part of the fix was upgrading > to RH7.1, as well as specifying an MTU size in the PPP options. > > This worked until last week, when the ISP stopped honouring my > request for an MTU of 1534 and dropped it to 1460. Now I have several > http sites that I cannot access because fragments of packets get lost. > > Suggestions? Upgrading to RH7.2 will be difficult as redhat is one > of the sites I can't get to. -- Ben Logan: blogan at newcreature dot org OpenPGP Key KeyID: A1ADD1F0 _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list
