On Wed, 24 Aug 2005, Nick Holland wrote:
Guido Tschakert wrote:
Jonathan Schleifer wrote:
I don't see where you set the MTU/MSS? Are you sure you have set them
somewhere else? eBay is known to have problems with bad/wrong MTU/MSS.
Try adding scrub out on $ext_if max-mss 1414 to your pf.conf and adding
-mtu 1454 to the route. Also take a look at pppoe(4) [*NOT* pppoe(8)!],
section MTU/MSS ISSUES.
Hello Jonathan,
nice try, but i Don't use pppoe.
We have a DSL-Router from our providewr and as I mentioned before, we
had no Problems with the cisco-router doing the firewall job (Nat).
so, yes you DO use PPPoE. DSL systems VERY often have a
smaller-than-possible MTU.
This often causes problems much like you describe.
Just set it in your hostname.<if> file.
Google for simple ping tests to find the maximum MTU you can use in your
precise case...and see if setting the firewall accordingly solves your
problem.
Nick.
Just a note -- Brendan Gregg came up with a perl script to test MTU issues:
http://users.tpg.com.au/adsln4yb/Perl/mtufinder
If you want to test the entire spectrum of MTU/TCP MSS values, you will
need to adjust the while loop.
