have you played with the mtu ? Often times the dhcp server on the home router giveth the mtu of 1500. It is perfectly OK if you either:
- don't use VPN from router to ISP - use encryption (when wifi frame < IP frame sent from the router to the ISP) Otherwise, you get 1 packet of the internal network is wraped into more than 1 packets to the outside world. This (IIRC) is IPv4 problem (fragmentation), and some routers don't do this well. To resolve it you can make sure that 1 wifi packet = 1 outgoing packet of your router to the ISP, by reducing the MTU on the clients, or by using no VPN connection. I remember MTU<=1452 used to be the magic number back in the DSL PPTP days. I bet you could somehow sniff the packets, to verify, but I don't know how to sniff the VPN packets if the router is the one who dials. But still, I hope this is a useful hint ;-) On Sat, Oct 16, 2010 at 7:59 PM, Ohad Lutzky <[email protected]> wrote: > traceroute is ICMP. I'm having trouble with specific ports on TCP. > > On Sat, Oct 16, 2010 at 7:53 PM, Dave Roi <[email protected]> wrote: > >> Did you try running traceroute to the pgp server or android market server? >> See how many hops it does go and see in which one it gets stuck. >> >> >> On Sat, Oct 16, 2010 at 19:36, Ohad Lutzky <[email protected]> wrote: >> >>> Hello everyone, >>> >>> I have a Linksys DSL-2760u router/DSL modem, using a Wow (Bezeq) >>> connection to the Bezeq International ISP. It seems that various outgoing >>> ports are blocked - HTTP, HTTPS, bittorrent and SSH work well enough, but - >>> for example - I can't download Android apps from the Market. Easier to test, >>> I can't download PGP public keys. For example: >>> >>> gpg -v -v --keyserver subkeys.pgp.net --recv F120156012B83718 >>> gpg: requesting key 12B83718 from hkp server subkeys.pgp.net >>> >>> This hangs indefinitely. So does this: >>> telnet subkeys.pgp.net 11371 >>> Trying 195.113.19.83... >>> >>> The same occurs for other keyservers, git-protocol, and various other >>> "unconventional" high-port usage. I've gone over the router settings, >>> disabled its firewall (but not NAT, which I need), added my machine to the >>> DMZ (this actually seems to help, sometimes, for git - and even then, only >>> once), tried port triggering... I can't get a consistent result. >>> >>> I should note that this issue only exists for *outgoing* ports. I have no >>> problem mapping *incoming* ports (such as my openssh server or bittorrent >>> web interface). >>> >>> -- >>> Man is the only animal that laughs and weeps, for he is the only animal >>> that is struck with the difference between what things are and what they >>> ought to be. >>> - William Hazlitt >>> >>> Ohad Lutzky >>> >>> _______________________________________________ >>> Haifux mailing list >>> [email protected] >>> http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux >>> >>> >> > > > -- > Man is the only animal that laughs and weeps, for he is the only animal > that is struck with the difference between what things are and what they > ought to be. > - William Hazlitt > > Ohad Lutzky > > _______________________________________________ > Haifux mailing list > [email protected] > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > > -- Maxim Kovgan
_______________________________________________ Haifux mailing list [email protected] http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux
