At 02:51 PM 9/9/98 +0200, Santiago Garcia Mantinan wrote:
>Hi!
>
>> It's because the masq module isn't as smart as it could be. When a packet
>> or fragment thereof comes in destined for the internet, the masq module
>> makes the required changes to its return address and forwards it on. If the
>> incoming packet on your eth0 (MTU 1500) is bigger than can go out your ppp0
>> (MTU 294) then it will drop it instead of letting it it fragment more.
>
>You are quite right, the problem is exactly that, when a package that is
>greater that ppp's MTU it should be fragmented and then
>masqueraded/forwarded, but it isn't, If you force the machine that is
>sending the packages to send them with an MTU equal to that of the ppp
>then everything goes OK becouse the packages are now coming in small
>chunks.
>
>The thing is... wich code should have fragmented those big packages? the
>Masq code? the Firewall code? the Forwarding code? Well, I don't know but
>seems to me that it is not the Masq code's duty :-???
Can anyone answer this more fully? If it's another module's duty, I would
think that the masq code would simply allow the other code to do its job. I
suspect that the problem is with the masq code changing some parts of the
message header to masquerade the connection. Perhaps it can't re fragment
without either destroying the masquerade or adding immense levels of
complexity?
--
Sandy Coyne, obviously "A day without sunshine is like
[EMAIL PROTECTED] a day without orange juice"
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
