Open /etc/inc/filter.inc and search for pppoeclient: after 4 line of that enter this set iface enable tcpmssfix
and retry connecting the pppoe and see if that fixes the problem. I was having the same problems with mail.yahoo/hotmail/msn messenger and some other sites on one installation and that fixed it. I think its worth a try. Other than that it might be a timestamp handling issue on the client stack that is failing to open the site. On Thu, Oct 2, 2008 at 6:38 AM, BSD Wiz <[EMAIL PROTECTED]> wrote: > i know, i just want to check out the new wrx's and sti!! > > tried messing with the mtu without any luck. > > ok, here is tcpdump running on my pfsense firewall(unixbox.gnet). you can > see my request to subaru.com and then the reply comes to the firewall but > never get's passed to my computer. what's weird is the reset. > > 23:30:04.664256 IP UNIXBOX.gnet.49796 > subaru.com.http: S > 1787975612:1787975612(0) win 65535 <mss 1460,nop,wscale 0,nop,nop,timestamp > 2090781090 0,sackOK,eol> > 23:30:04.710299 IP subaru.com.http > UNIXBOX.gnet.49796: S > 2731372884:2731372884(0) ack 1787975613 win 4380 <mss 1460,nop,wscale > 0,nop,nop,timestamp 311872670 2090781090,sackOK,eol> > 23:30:05.321055 IP 12.120.5.14.http > UNIXBOX.gnet.49740: R > 2533320030:2533320030(0) ack 10685623 win 0 > 23:30:07.420107 IP UNIXBOX.gnet.49796 > subaru.com.http: S > 1787975612:1787975612(0) win 65535 <mss 1460,nop,wscale 0,nop,nop,timestamp > 2090781095 0,sackOK,eol> > > > > so in search of what the ip of the reset flag is i pointed my browser to it. > > > > > > > > > so they are behind some type of load balancer but wtf?? > > > > > On Oct 1, 2008, at 11:30 PM, Bill Marquette wrote: > >> On Wed, Oct 1, 2008 at 11:12 PM, Chris Buechler <[EMAIL PROTECTED]> >> wrote: >>> >>> On Wed, Oct 1, 2008 at 11:55 PM, BSD Wiz <[EMAIL PROTECTED]> wrote: >>>> >>>> yep, i looked at it using tcpdump. i just see syn packets going out the >>>> door, i never get any syn-acks back. >>>> >>>> 22:50:47.417326 IP unixbox.gnet.49330 > subaru.com.http: S >>>> 3917131801:3917131801(0) win 65535 <mss 1460,nop,wscale >>>> 0,nop,nop,timestamp >>>> 2090776378 0,sackOK,eol> >>>> >>> >>> Have you tried lowering MTU on your WAN, or just on the problem >>> machine? Doing it on the WAN will MSS clamp everything, so if this is >>> limited to one machine I wouldn't do that. With the 1460 MSS that >>> shows and likely 1500 MTU end to end, that should not be a problem. >>> It's worth a shot though. >> >> Wouldn't explain no syn/ack's coming back. This would seem more like >> an upstream routing (or firewalling) issue to me. That, or a >> conspiracy against BSD Wiz and his desire to look at new cars. >> >> --Bill >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > -- Ermal --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
