AW: [Voyage-linux] Re: strange route / nat issue
Hofer, Hermann
(spam-protected)
Sun Apr 11 23:56:33 HKT 2010
Hi Rob,
please add the following line to your NAT script:
iptables -t mangle -A POSTROUTING -o "$2" -p TCP --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
bevor or after the 2 MASUERADE lines. Baybe this solves your problems.
Hermann
-----Ursprüngliche Nachricht-----
Von: voyage-linux-bounces+h.hofer=ahsnet.de at list.voyage.hk [mailto:voyage-linux-bounces+h.hofer=ahsnet.de at list.voyage.hk] Im Auftrag von Rob J. Epping
Gesendet: Samstag, 10. April 2010 23:42
An: Wayne Lee
Cc: voyage-linux at voyage.hk
Betreff: Re: [Voyage-linux] Re: strange route / nat issue
Hi,
On Sat, Apr 10, 2010 at 8:47 PM, Wayne Lee <linkconnect at googlemail.com> wrote:
>> It looks like bigger packets (> 1026 bytes) get lostdropped
>> --
>> GRTNX,
>> RobJE
>
> Hi Rob
>
> With each protocol you run the usable window size for data gets reduced.
> I've not looked at the .pcaps but do you know which device is dropping
> the larger packets?, are you blocking all ICMP packet including the
> "packet to large please fragment" (Sorry I've forgot the
> proper/correct term and ICMP type for that and don't have full access
> to the net at the moment) message.
>
> Have a look at your MTU settings and test to see what the largest MTU
> to can use before fragmenting packets.
>
> Wayne
I fixed it for now by forcing the mtu to 1424.
most important things for now is getting firewalling up.
I'll have a look at this problem after configuring the rest.
THNX 4 the help!
--
GRTNX,
RobJE
_______________________________________________
Voyage-linux mailing list
Voyage-linux at list.voyage.hk
http://list.voyage.hk/mailman/listinfo/voyage-linux
More information about the Voyage-linux
mailing list