Depending on your OS you may be able to disable "Path MTU Discovery". That
will get rid of your DF bit.
However, this problem would only occur if the ICMP error message generated
by the router didn't make it back to the Webserver - you could verify this
with a sniffer. If the ICMP error _is_ making it back to the webserver then
I doubt this is your issue.
My spider senses are tingling - is this a case of "the router guys" not
being able to get things working and telling you it's a problem with your
webserver?
Cheers,
--
Ben Nagy
Marconi Services
Network Integration Specialist
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-----Original Message-----
From: Miguel Martinez [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 17 January 2001 10:50
To: [EMAIL PROTECTED]
Subject: Problems with Fragment bit Set in big packets!
Hi!
I hope someone can help me. We are running a web based application that
makes queries to an Oracle server in a remote network over a WAN with a VPN
tunnel made by the routers. The problem is that the web based application
is sending packets with the "don't fragment" bit on. So, when the routers
encrypt the packets they can't fragment the big ones and drops them. I
don't know where this fragment bit came from or who established it? The web
based application was developed in-house.
If someone can bring me some clue, I will really appreciate it!
Thanks for your help.
Miguel Martinez
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
