
Re: firewalls and MTU - identifying problem if any



On Friday, 22.10.2010, at 23:38 +0100, Adam Hardy wrote:
> >> I have a small LAN at home connected up to the net via a DSL modem on a gateway 
> >> machine running lenny and iptables.
> >>
> >> I have a problem with some software running on a windows machine on the LAN 
> >> where the company who wrote the software say that there must be something wrong 
> >> with my internet connection, but can't help any further.
> > 
> > You can set a log target in your firewall for this Windows machine, so
> > you can see what connections the machine wants to make.
> > I think on
> > 
> > iptables -A FORWARD -s <windows-IP> -o <DSL-device> \
> > -m state --state NEW -j LOG --log-prefix 'WIN-LOG: '
> 
> I figured I could do that but the amount of traffic going through from this 
> software is huge. Is there some sort of app out there that takes iptables output 
> and allows you to sort & filter it?

This rule logs only the first packet of new connections.
So I think it does not log too many.
But you can try Wireshark for sniffing.

> Alternatively I thought it would be much easier just to find out what the test 
> is using ping or something to establish whether PMTU works properly.
> 
> By the way, it's a PPPoA connection, not PPPoE. I think this is normal for the UK.

Oops, sorry, my fault.
The MTU for PPPoA is 1472.
An ATM frame is always 64 bytes. So the Ethernet frame must be divisible by
64 bytes without a remainder (23 x 64 = 1472).

PPPoE takes an 8-byte header, so the MTU for PPPoE is 1492.


> Regards
> Adam

Sascha
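
Added example, not part of the original message: one way to sort and filter the lines written by the LOG rule quoted above, counting new connections per protocol, destination and port. It assumes the kernel's usual iptables LOG line layout and the 'WIN-LOG: ' prefix from that rule; the sample lines, addresses and the hostname `gw` are constructed.

```python
from collections import Counter

PREFIX = "WIN-LOG: "  # the --log-prefix from the rule quoted in the thread

# Constructed sample in the kernel's iptables LOG layout (not real traffic).
SAMPLE = """\
Oct 22 23:40:01 gw kernel: [ 101.1] WIN-LOG: IN=eth0 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=48 TTL=127 ID=4001 DF PROTO=TCP SPT=1045 DPT=443 WINDOW=65535 SYN URGP=0
Oct 22 23:40:02 gw kernel: [ 102.4] WIN-LOG: IN=eth0 OUT=ppp0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TTL=127 ID=4002 PROTO=UDP SPT=1046 DPT=53 LEN=40
Oct 22 23:40:02 gw kernel: [ 102.9] eth0: link up
Oct 22 23:40:03 gw kernel: [ 103.0] WIN-LOG: IN=eth0 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=48 TTL=127 ID=4003 DF PROTO=TCP SPT=1047 DPT=443 WINDOW=65535 SYN URGP=0
Oct 22 23:40:04 gw kernel: [ 104.2] WIN-LOG: IN=eth0 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TTL=127 ID=4004 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
Oct 22 23:40:05 gw kernel: [ 105.7] WIN-LOG: IN=eth0 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=48 TTL=127 ID=4005 DF PROTO=TCP SPT=1048 DPT=443 WINDOW=65535 SYN URGP=0
"""


def parse_line(line, prefix=PREFIX):
    """Return the KEY=VALUE fields after the prefix, or None for other lines."""
    _, found, rest = line.partition(prefix)
    if not found:
        return None
    fields = {}
    for token in rest.split():
        key, eq, value = token.partition("=")
        fields[key] = value if eq else True  # bare tokens (DF, SYN) are flags
    return fields


def summarize(text, proto=None, dport=None):
    """Count logged NEW packets per (proto, dst, dport), busiest first.

    proto and dport are optional filters; ICMP has no port, shown as "-".
    """
    counts = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f is None or "PROTO" not in f:
            continue
        key = (f["PROTO"], f.get("DST", "?"), f.get("DPT", "-"))
        if proto and key[0] != proto:
            continue
        if dport and key[2] != str(dport):
            continue
        counts[key] += 1
    return counts.most_common()


if __name__ == "__main__":
    for (proto, dst, dport), n in summarize(SAMPLE):
        print(f"{n:5d}  {proto:4s} {dst}:{dport}")
```

To run it on a real log, pass the file's contents to `summarize()` in place of `SAMPLE`.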

