On Monday 02 Sep 2013 19:34:25 Grant wrote: > Here's my layout: > > laptop+shorewall (MTU:1500) -> hotel router (MTU:?) -> internet -> > Westell modem/router (MTU:1492) -> desktop+shorewall (MTU:1500) > > Shouldn't PMTUD change the desktop's MTU to 1492?
Your desktop's PMTUD will get an ICMP response from Westell as it tries to traverse through it and it will adjust the outgoing packet size accordingly. Ditto with your laptop, when it tries to establish a connection with your desktop. > Is the fact that it > doesn't due to a flaw in the Westell's operation? Should I manually > change the desktop's MTU to 1492 along with that of other systems on > its LAN? It won't harm if you do. However, we don't know for a *fact* that the Westell is not returning the appropriate ICMP packets (Type 3, Code 4) to your laptop, or your desktop. You can use tcpdump to see what's being sent back and forth. > > If you are using Shorewall at your remote server I would expect it to > > behave properly and return the correct ICMP packet when it receives a > > DF. However, I am not familiar with the Shorewall properties and > > settings, so if you suspect this as the cause of your problem it would > > be better if you look into it properly. > > So I'm sure I understand, this doesn't apply if ICMP is dropped at the > Westell? ICMP echo request may be dropped by Westell's firewall, but ICMP Type 3, Code 4 could well be returned when a TCP connection is being initiated by your laptop. I don't know how ham-fisted Westell's firewall settings are. Meanwhile, stating the obvious, have you tried using the desktop squid proxy while you are inside your LAN with the same laptop to see if the problem remains? -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
