>
> > note that masquerading normally works in a manner
> transparent to remote
> > gateways (e.g. the ADSL modem and anything beyond it towards your
> > provider) so a different between the behaviour of the
> masquerading gateway
> > and the masqueraded client(s) is probably a
> misconfiguration on the local
> > LAN.
>
> Yup. But the problem occurs with 3 different clients and 2 different
> choices of gateways, each with a different OS. Furthermore, the same
> setup worked perfectly with ISDN instead of ADSL. That,
> added with the
> nature of the problem, sounds rather fishy.
>
ADSL is different from ISDN because ADSL uses some sort of
PPP-over-ethernet encapsulation (in our case pptp), thus reducing the
possible MTU. Your masquerading clients don't know about this, and
because of it your problem happens. I had the same problem, and
reducing the MTU to 1436 on all masq. clients solved the problem. My
gateway is Linux running 2.4 kernel, and clients are all W2K machines.
Please note that if you run Win2000 too, then MTU-changing tools made
for Win9x won't work, and you have to reboot before the change takes
effect.
> Perhaps there's some difference in the header of a masqueraded
> fragmented packet vs. a normal fragmented packet, and the former is
> mishandled by the ADSL modem or somewhere upstream?
>
> ** Did anyone manage to get masquearding working with ADSL?
> Using what
> modem and what ISP? **
>
I managed to make it work. I'm connected with Orckit ATUR3 to Barak,
using kernel 2.4.1, and the only iptables rule you need to make it
work is:
iptables -t nat -A POSTROUTING -o ppp+ -j MASQUERADE
Haim Gelfenbeyn.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
