We had the same kind of problem and discovered a "feature" in Windows. It seems
that Windows (NT at least, I don't know about 2000) always sets the Don't
Fragment" bit. We had to lower the MTU on our firewalls to accommodate this,
since our NT guys said we couldn't set a static MTU on the servers.
-Jon
> -----Original Message-----
> From: Miguel Martinez [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, January 16, 2001 6:20 PM
> To: [EMAIL PROTECTED]
> Subject: Problems with Fragment bit Set in big packets!
>
> Hi!
>
> I hope someone can help me. We are running a web based application that makes
> queries to an Oracle server in a remote network over a WAN with a VPN tunnel
> made by the routers. The problem is that the web based application is sending
> packets with the "don't fragment" bit on. So, when the routers encrypt the
> packets they can't fragment the big ones and drops them. I don't know where
> this fragment bit came from or who established it? The web based application
> was developed in-house.
>
> If someone can bring me some clue, I will really appreciate it!
> Thanks for your help.
>
> Miguel Martinez
> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
