Re: NAT & forwarding : only partial connections
Francesco Bochicchio wrote:
> What I do is this:
> On the PC : iptables -t NAT -A POSTROUTING -o ppp0 -j MASQUERADE
AFAIK it should be -t nat (lowercase). Upcase NAT gives the following
error on my system:

    iptables v1.2.11: can't initialize iptables table `NAT': Table does not exist (do you need to insmod?)
> What I get : partial connections. From the laptop, I can ping internet
> addresses like www.debian.org and I can resolve host names using my
> provider DNS, but this is all. Browsers can 'connect' but do not get the
> pages. Fetchmail can 'see' the mail on the provider server, but fails to
> download it. And so on. Clearly some packet goes through, some is blocked.
> But there is no other iptables rule on either laptop or PC.
This sounds very much like an MTU/fragments problem. It could be that your
system sends packets that are too big and something along the way can't
handle them correctly. Try doing the following: on the router, run ifconfig
and look for something like:

    ppp0 Link encap:Point-to-Point Protocol
    UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1460 Metric:1

Notice the value of MTU. Now, on the laptop, do

    ifconfig <interface-name> mtu <mtu-value>

and try connecting anywhere. If it still doesn't work, run on the laptop:

    tracepath <some well known site>

Look for lines that end with "pmtu <some number>" and try setting
your MTU (with ifconfig) to the lowest one you see.
--
Best regards, Black Dew.
==============================
~ bdew@bdew.yi.org ~ ICQ:2666606 ~ 2:400/567 ~
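
Added example (not part of the original message): a shell sketch of the procedure in the reply above, reading the MTU from ifconfig output and the lowest "pmtu" value from tracepath output, then printing the ifconfig command for the laptop. The sample outputs are constructed, and the interface name eth0, the addresses and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample data; interface name eth0 and all addresses are assumptions.

# MTU from ifconfig output on stdin; handles "MTU:1460" (as in the post)
# and the newer "mtu 1460" layout.
iface_mtu() {
    sed -n 's/.*[Mm][Tt][Uu][: ]\([0-9][0-9]*\).*/\1/p' | head -n 1
}

# Lowest "pmtu <n>" value in tracepath output on stdin; fails if none is found.
lowest_pmtu() {
    awk '{ for (i = 1; i < NF; i++)
               if ($i == "pmtu" && $(i + 1) + 0 > 0 && (min == "" || $(i + 1) + 0 < min))
                   min = $(i + 1) + 0 }
         END { if (min == "") exit 1; print min }'
}

sample_ifconfig() {   # constructed, modelled on the ppp0 lines in the reply
    cat <<'EOF'
ppp0      Link encap:Point-to-Point Protocol
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1460  Metric:1
EOF
}

sample_tracepath() {  # constructed tracepath output
    cat <<'EOF'
 1?: [LOCALHOST]                      pmtu 1500
 1:  192.168.0.1                        0.412ms
 2:  192.0.2.1                         38.120ms pmtu 1460
 3:  198.51.100.7                      41.004ms pmtu 1452
 4:  203.0.113.20                      47.310ms reached
     Resume: pmtu 1452 hops 4 back 4
EOF
}

# Smaller of the router MTU and the lowest path MTU.
suggest_mtu() {   # $1 = router MTU, $2 = lowest pmtu
    if [ "$1" -le "$2" ]; then echo "$1"; else echo "$2"; fi
}

router=$(sample_ifconfig | iface_mtu)
path=$(sample_tracepath | lowest_pmtu)
echo "ifconfig eth0 mtu $(suggest_mtu "$router" "$path")"
```

On a live system, pipe the real `ifconfig ppp0` and `tracepath <site>` output into the two parsing functions in place of the sample functions.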