Now look at the lines that corresponds to your Internet connection and look for the MTU. To fix this, first see what your MTU for your Internet link is now. On the flip site, most HTTP and FTP traffic will SPEED UP! Now some users will balk at this because it can hurt some latency specific programs like TELNET and games but the impact is only slight. A perfectly good workaround is to change your Internet link's MTU to 1500.
PLEASE TRY! For more details, check out this following If you are a network programmer and you think you can either fix or surmise this. Other users point their finger at the adminstrators of the problem remote sites (typically SSL connected sites, etc) and say that because they are filtering ALL FORMS of ICMP (including Type4 - Fragmentation Needed) messages in a fray of security paranoia, they are breaking the fundamental aspects of the TCP/IP protocol.īoth arguments have valid points and people from each camp continue to debate Because of this, the packets get dropped.
What is believed to be happening is that the MASQ code is not properly re-writing the returning ICMP packets with the ICMP 3 Sub 4 code back to the originating MASQed computer. Though changing the MTU 1500 on the Linux box will seemingly fix the problem, the possible bug is still there. Basically, when a MASQ box connects to the Internet with an MTU of anything less than 1500, some packets will have the DF field set. Some users point their finger to the fact that IPMASQ might have problems with packets that have the DF or "Don't Fragment" bit set.
Linux IP Masquerade HOWTO: Frequently Asked Questions Next Previous Contents
0 kommentar(er)
