On Wed, 19 Mar 2008, ann kok wrote:
Some DSL clients, some are working fine.
(browsing...ping ...)
Some DSL clients have this problem
they can't browse the sites.
they can ssh the host but couldn't run the command in
the shell prompt
ping packet are working fine (no packet lost)
Seems like that when the first packet that exceeds MTU (I guess 1492)
on the path is sent, you get a PMTU blackhole. You will see the same
problem if you ping with big packets.
As to why some clients work and others do not -- a good question. I
have some theories on this point (different behaviour wrt setting DF
bit; no MSS clamping and some DSL clients have MTU=1492 exposed to the
user, others have a middlebox router which shows MTU=1500; some
others).
You may want to check that both ends are receiving ICMP packet too big
messages (i.e. a firewall doesn't filter them out).
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
