We are facing a problem related to MTU, and we do not understand how to
solve it.
We have a configuration with pfsense facing Internet WAN, a LAN, and a
DMZ interface where there is another network protected by a monowall fw.
If we make a "ping -s 1500 www.google.com" from the pfsense LAN, we have
0% success.
If we make the same command from the WEB console, we have 100% success.
If we make the same command from PPTP (landing inside pfsense LAN), we
have 100% success.
If we try to "ping -s 1500 www.google.com" from monowall networks
(passing trought pfsense), we have 0% success.
If we make the same command (from pfsense) to the monowall WAN, or any
internal host on monowall, we have 100% success.
If we "ping -s 1500" the pfsense wan, we have 100% success.
It looks like large packets traversing pfsense, and coming from ethernet
interfaces are not fragmented, while large packets coming from within
pfsense (or from PPTP interface) are fragmented.
Unique option we see related to fragmentation (advanced setup) is "clear
DF bit" on advanced page. We tried it, without any different result.
We are using Intel or HP gigabit server adapters, default MTU on all
interfaces, so we don't see problems on adapters.
PFsense version 1.2.3-release.
Any suggestion?
Tonino
--
------------------------------------------------------------
Inter@zioni Interazioni di Antonio Nati
http://www.interazioni.it [email protected]
------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
