Re: strange nat behaviour

To: Michel Decima <papa.pop@free.fr>
Cc: debian-firewall@lists.debian.org
Subject: Re: strange nat behaviour
From: Francois Gouget <fgouget@free.fr>
Date: Sun, 6 May 2001 17:19:13 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.21.0105061715110.29900-100000@amboise.dolphin>
In-reply-to: <[🔎] 20010506232423.24437@smtp.wanadoo.fr>

On Mon, 7 May 2001, Michel Decima wrote:

> Hello everybody
> 
> I'm using a linux box with netfilter to masquerade my home LAN
> and I have (very) strange behaviour whith some web sites: They
> are not reachable by the masqueraded workstation (but I can read
> them from the firewall). After the browser says 'connected to X'
> the connections stalls. I've checked the ECN feature, and it is
> not compiled in the kernel.

   This looks like an MTU problem. You may want to try to lower the MTU
on your workstation and see if it works better.

   I had the same problem here when I configured my desktop as a
firewall. I could access some web sites but not others, ftp dir would
work but not getting files, I could get some email but not all. I read
that it was because I use both pppoe and masquerading (still ipchains
here) because somewhere 8 bytes are added. Once I set the MTU on the
masqueraded machines to 1492 (or 1460) it worked fine.

--
Francois Gouget         fgouget@free.fr        http://fgouget.free.fr/
                     Avoid the Gates of Hell - use Linux.

Reply to:

Follow-Ups:
- Re: strange nat behaviour
  - From: Matt Armstrong <matt@lickey.com>

References:
- strange nat behaviour
  - From: Michel Decima <papa.pop@free.fr>

Prev by Date: Re: strange nat behaviour
Next by Date: Re: strange nat behaviour
Previous by thread: Re: strange nat behaviour
Next by thread: Re: strange nat behaviour
Index(es):
- Date
- Thread