Nick Holland wrote:
Guido Tschakert wrote:
Jonathan Schleifer wrote:
I don't see where you set the MTU/MSS? Are you sure you have set them
somewhere else? eBay is known to have problems with bad/wrong MTU/MSS.
Try adding scrub out on $ext_if max-mss 1414 to your pf.conf and adding
-mtu 1454 to the route. Also take a look at pppoe(4) [*NOT* pppoe(8)!],
section MTU/MSS ISSUES.
Hello Jonathan,
nice try, but i Don't use pppoe.
We have a DSL-Router from our providewr and as I mentioned before, we
had no Problems with the cisco-router doing the firewall job (Nat).
so, yes you DO use PPPoE. DSL systems VERY often have a
smaller-than-possible MTU.
This often causes problems much like you describe.
Ok, the DSL-Router of my provider uses PPPOE.
But please tell me, why I should set the mtu on the openbsd router to
something lower then 1500 when the cisco router, I used before and now
has set the mtu on his outgoing interface to 1500.
(This router has 2 Ethernet-Interfaces and does nothing with pppoe).
Why can it deal with this problem and openbsd not.
BTW. this morning I tried the suggestions from Jonathan and it didn't
work :-(
As I mentioned in another thread (ok, it was stupid to fork the thread)
there is another problem with malformed packets and reassemble tcp and
all other scrub rules I tried did'nt work.
Just set it in your hostname.<if> file.
Google for simple ping tests to find the maximum MTU you can use in your
precise case...and see if setting the firewall accordingly solves your
problem.
Nick.
--
Mit freundlichen Gr|_en,
Guido Tschakert
