[prev in list] [next in list] [prev in thread] [next in thread]
List: voyage-linux
Subject: AW: [Voyage-linux] Re: strange route / nat issue
From: "Hofer, Hermann" <h.hofer () ahsnet ! de>
Date: 2010-04-11 15:56:33
Message-ID: 504949FB9BB1A04FA4F5D00CCAFB23C006DED82356 () AHSCOM ! rv ! ahsnet ! de
[Download RAW message or body]
Hi Rob,
please add the following line to your NAT script:
iptables -t mangle -A POSTROUTING -o "$2" -p TCP --tcp-flags SYN,RST SYN -j TCPMSS \
--clamp-mss-to-pmtu
bevor or after the 2 MASUERADE lines. Baybe this solves your problems.
Hermann
-----Ursprüngliche Nachricht-----
Von: voyage-linux-bounces+h.hofer=ahsnet.de@list.voyage.hk \
[mailto:voyage-linux-bounces+h.hofer=ahsnet.de@list.voyage.hk] Im Auftrag von Rob J. \
Epping
Gesendet: Samstag, 10. April 2010 23:42
An: Wayne Lee
Cc: voyage-linux@voyage.hk
Betreff: Re: [Voyage-linux] Re: strange route / nat issue
Hi,
On Sat, Apr 10, 2010 at 8:47 PM, Wayne Lee <linkconnect@googlemail.com> wrote:
> > It looks like bigger packets (> 1026 bytes) get lostdropped
> > --
> > GRTNX,
> > RobJE
>
> Hi Rob
>
> With each protocol you run the usable window size for data gets reduced.
> I've not looked at the .pcaps but do you know which device is dropping
> the larger packets?, are you blocking all ICMP packet including the
> "packet to large please fragment" (Sorry I've forgot the
> proper/correct term and ICMP type for that and don't have full access
> to the net at the moment) message.
>
> Have a look at your MTU settings and test to see what the largest MTU
> to can use before fragmenting packets.
>
> Wayne
I fixed it for now by forcing the mtu to 1424.
most important things for now is getting firewalling up.
I'll have a look at this problem after configuring the rest.
THNX 4 the help!
--
GRTNX,
RobJE
_______________________________________________
Voyage-linux mailing list
Voyage-linux@list.voyage.hk
http://list.voyage.hk/mailman/listinfo/voyage-linux
_______________________________________________
Voyage-linux mailing list
Voyage-linux@list.voyage.hk
http://list.voyage.hk/mailman/listinfo/voyage-linux
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic