On Wed, Dec 19, 2001 at 10:52:18PM -0800, Mr O wrote:
> I'm losing my web here!! Keep in mind this only happens on THIS machine and
> not on any other accessing the same sites.
>
> Other side note. I can ping all the sites I can't access. Wierd enough yet?
What's your network setup look like? Is this machine behind a
firewall doing NAT? Is the firewall also a Linux box? (if so, what
version?) What sort of Internet connection do you have?
If your firewall is Linux 2.4.x running NAT, you may need this module
(part of NetFilter). If you've got PPPoE DSL, this is almost
definitely the problem.
------------------------------------------------------------------------
TCPMSS target support
CONFIG_IP_NF_TARGET_TCPMSS
This option adds a `TCPMSS' target, which allows you to alter the
MSS value of TCP SYN packets, to control the maximum size for that
connection (usually limiting it to your outgoing interface's MTU
minus 40).
This is used to overcome criminally braindead ISPs or servers which
block ICMP Fragmentation Needed packets. The symptoms of this
problem are that everything works fine from your Linux
firewall/router, but machines behind it can never exchange large
packets:
1) Web browsers connect, then hang with no data received.
2) Small mail works fine, but large emails hang.
3) ssh works fine, but scp hangs after initial handshaking.
Workaround: activate this option and add a rule to your firewall
configuration like:
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN \
-j TCPMSS --clamp-mss-to-pmtu
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
------------------------------------------------------------------------
-- Agthorr
