Re: Using a remote internet connection.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ralf Spenneberg <lists@spenneberg.org>
To: Pete Zieba <pete_1024@yahoo.com>
Cc: Netfilter <netfilter@lists.netfilter.org>
Subject: Re: Using a remote internet connection.
Date: 08 Oct 2003 11:45:22 +0200	[thread overview]
Message-ID: <1065606321.1671.99.camel@kermit> (raw)
In-Reply-To: <20031004003050.57956.qmail@web12701.mail.yahoo.com>

Am Sam, 2003-10-04 um 02.30 schrieb Pete Zieba:
> I then do the following:
> I reconfig my workstation to use his ISP's nameserver.
> I can now ping domains (yahoo, etc.)
> I CANNOT get to MOST websites. (msn.com is one of my
> few successes)
> 
> *Note that everything works fine if I try to get to
> websites using "links" as a browser in the console of
> my linux box. It is only machines on my LAN side that
> have problems.
You might have some problems with the PMTU-Discovery since you probably
have several different MTUs on the Path and firewalling in between.
Either get the firewalls to allow ICMP-frag-needed through or you might
want to try the 
TCPMSS target to confine TCP-packet to a maximum size, like:
-j TCPMSS --set-mss 1300 or -j TCPMSS --clamp-mss-to-pmtu
I do not know if 1300 would be the best value but at least it should get
the connection working if thats the problem.

Cheers,

Ralf
-- 
Ralf Spenneberg
RHCE, RHCX

Book: Intrusion Detection für Linux Server   http://www.spenneberg.com
IPsec-Howto				     http://www.ipsec-howto.org
Honeynet Project Mirror:                     http://honeynet.spenneberg.org

     prev parent reply	other threads:[~2003-10-08  9:45 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-10-04  0:30 Using a remote internet connection Pete Zieba
2003-10-08  9:45 ` Ralf Spenneberg [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1065606321.1671.99.camel@kermit \
    --to=lists@spenneberg.org \
    --cc=netfilter@lists.netfilter.org \
    --cc=pete_1024@yahoo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.