my connection is with mtu=1452 and mtu=1452 no errors and packet drops with my ifconfig -i. Avishay
----- Original Message ----- From: "Sagi Bashari" <[EMAIL PROTECTED]> To: "Avishay Aton" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, November 16, 2001 9:17 PM Subject: Re: Linux(2.4.x) and masqeurating > Hi Avishay, > > Have you tried to reduce the MTU on the internal hosts to 1452? (see the > bottom of the adsl howto if you don't know how). > > If you're using netfilter you can just use: 'iptables -A FORWARD -p tcp > --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu' instead. > > Sagi > > > On Friday 16 November 2001 21:03, Avishay Aton wrote: > > sure,everything works great from the router(linux/freebsd - i switch > > between them) > > but from the Lan , i can't get some sites(linuxtoday.com , > > alcatel.com.....) > > from snort ouput i can see the first stage of the connection(3 hand > > shaking) ----- Original Message ----- > > From: "Matan Ziv-Av" <[EMAIL PROTECTED]> > > To: "Avishay Aton" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Friday, November 16, 2001 8:32 PM > > Subject: Re: Linux(2.4.x) and masqeurating > > > > > On Fri, 16 Nov 2001, Avishay Aton wrote: > > > > Hi, > > > > i connect to the net with pptp + adsl, and i use nat on my linux > > > > box(2.4.x) for other computers on > > > > > > my private network. > > > > My nat rule is simple one: > > > > > > > > modprobe iptable_nat > > > > modprobe ip_conntrack_ftp > > > > iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > > > > > > > > > > > > I can get most of the sites , but for example www.linuxtoday.com dosn't > > > > work for me. > > > > > Does it work from the router itself? > > > If not, it sounds like ECN problem. > > > > > > > > > -- > > > Matan Ziv-Av. [EMAIL PROTECTED] > > > > ================================================================= > > To unsubscribe, send mail to [EMAIL PROTECTED] with > > the word "unsubscribe" in the message body, e.g., run the command > > echo unsubscribe | mail [EMAIL PROTECTED] > > ================================================================= > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
