From mboxrd@z Thu Jan  1 00:00:00 1970
From: bert hubert <ahu@ds9a.nl>
Date: Fri, 21 Sep 2001 09:51:41 +0000
Subject: Re: [LARTC] Firewall+NAT: only succeeds for SOME external sites??
Message-Id: <marc-lartc-100106589726950@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-100102468021752@msgid-missing>
In-Reply-To: <marc-lartc-100102468021752@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: lartc@vger.kernel.org

On Fri, Sep 21, 2001 at 11:43:10AM +0200, sebastien Robart wrote:
> i use pppoe and nat too. I have problems with 2 sites (63.238.77.237 and 
> 195.101.41.250) only when i change the mru option (rp-pppoe), not the 
> mtu. And problem are only for box behind the gateway, directly from the 
> gateway i have no problem.
> seem a masq + mru bug. (don't ask me what is mru, i didn't have found 
> something on it)

When using pppoe with masquerading, or any networking at all, use MSS
Clamping, either in the pppoe-daemon or in iptables itself. This solves a
lot or problems with path MTU discovery.

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/