Assuming that alcatel is a pppoe modem and not a "router", If you are using roaring pinguine and if you also did CLAMP MSS in iptables then you should put CLAMPMSS=no in /etc/ppp/pppoe.conf instead of a possible CLAMPMSS=1412 that might be there. tell us how if it was solved.
WARNING TO SPAMMERS: see at http://members.lycos.co.uk/my2nis/spamwarning.html > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Guy Teverovsky > Sent: Wednesday, November 19, 2003 8:49 PM > To: Shlomo Solomon > Cc: linux ILUG > Subject: Re: strange URL behaviour > > > Yes. It looks OK. This should adjust the client's MTU to the size > determined by PathMTU Discovery initiated from the router. > > Try the following to eliminate a problem with MTU: > >From your Win98 box run: > ping -f -l xxxx java.sun.com > where xxxx is TCP's payload size. > Start from 1472 and go down till you get a reply instead of "Packet > needs to be fragmented but DF set". > Record the largest value which results in reply, add 28 to that number > (TCP headers size) and set the NIC's MTU to that value. > > For example, if I get reply after "ping -f -l 1464", I would set the MTU > to 1492. > > Guy > > On Tue, 2003-11-18 at 05:44, Shlomo Solomon wrote: > > I do, but I admit to not knowing what that means - is this what you meant? > > > > [EMAIL PROTECTED] solomon]# iptables -L|grep clamp > > TCPMSS tcp -- anywhere anywhere tcp > > flags:SYN,RST/SYN TCPMSS clamp to PMTU > > > > > > On Tuesday 18 November 2003 04:36, Guy Teverovsky wrote: > > > Do you have --clamp-mss-to-pmtu in your iptables script ? > > > Something like: > > > $IPTABLES -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS \ > > > --clamp-mss-to-pmtu > > > > > > Guy > > > > > > On Mon, 2003-11-17 at 22:45, Shlomo Solomon wrote: > > > > Hi, > > > > > > > > My network consists of my Mandrake 9.1 box and 3 Win98 machines. All 4 > > > > machines and my Alcatel ADSL modem are connected to a hub and I run > > > > iptables with masquerading to allow the Win98 machines access to the > > > > internet. Until recently, all machines could reach any URL. But > recently, > > > > the Win98 machines cannot reach certain URLs. I suspected a DNS problem > > > > so I tried equivalent IP addresses but that didn't help. The strange > > > > thing is that **most** URLs are still reachable and I haven't > noticed any > > > > common factor in the unreachable ones. Also, the URLs that can't be > > > > reached on the 3 Win98 machines can be reached by Mozilla on > the Mandrake > > > > machine. Of course, I also cheched if the URLs could be reached from > > > > Windows machines not connected to my network. So the problem > does seem to > > > > be here. > > > > > > > > Any ideas where to look? I'm enclosing two examples of unreachable URLs: > > > > > > > > www.maariv.co.il > > > > www.simil.vze.com > > > > > > > > TIA > -- > > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
