Re: firewalls and MTU - identifying problem if any
On Friday, 22.10.2010, at 23:38 +0100, Adam Hardy wrote:
> >> I have a small LAN at home connected up to the net via a DSL modem on a gateway
> >> machine running lenny and iptables.
> >> I have a problem with some software running on a windows machine on the LAN
> >> where the company who wrote the software say that there must be something wrong
> >> with my internet connection, but can't help any further.
> > You can set a log target in your firewall for this Windows machine, so
> > you can see what connections the machine wants to make.
> > I think on
> > iptables -A FORWARD -s <windows-IP> -o <DSL-device> \
> > -m state --state NEW -j LOG --log-prefix 'WIN-LOG: '
> I figured I could do that but the amount of traffic going through from this
> software is huge. Is there some sort of app out there that takes iptables output
> and allows you to sort & filter it?
This rule logs only the first packet from new connections.
So I think it does not log too many.
But you can try Wireshark for sniffing.
> Alternatively I thought it would be much easier just to find out what the test
> is using ping or something to establish whether PMTU works properly.
> By the way, it's a PPPoA connection, not PPPoE. I think this is normal for the UK.
Ooops, sorry, my fault.
The MTU for PPPoA is 1472.
An ATM frame is always 64 bytes. So the Ethernet frame must be divisible by
64 bytes without a remainder (23 x 64 = 1472).
PPPoE takes an 8-byte header, so the MTU for PPPoE is 1492.
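
An added example (not part of the original thread) for the question above about sorting and filtering iptables output: it parses kernel log lines written by the LOG rule with the 'WIN-LOG: ' prefix and counts new connections per protocol, destination and port. The sample log lines and addresses are constructed, and the function names are this example's own.

```python
import re
from collections import Counter

PREFIX = "WIN-LOG: "  # the --log-prefix used in the rule quoted above
FIELD = re.compile(r"(\w+)=(\S*)")  # LOG target writes KEY=VALUE pairs

# Constructed sample kernel log lines (documentation addresses, not real traffic).
SAMPLE = """\
Oct 22 23:40:01 gw kernel: [100.1] WIN-LOG: IN=eth1 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=101 DF PROTO=TCP SPT=1045 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
Oct 22 23:40:02 gw kernel: [101.4] WIN-LOG: IN=eth1 OUT=ppp0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=102 PROTO=UDP SPT=1050 DPT=53 LEN=40
Oct 22 23:40:03 gw kernel: [102.0] eth1: link up
Oct 22 23:40:05 gw kernel: [104.9] WIN-LOG: IN=eth1 OUT=ppp0 SRC=192.168.1.10 DST=203.0.113.5 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=103 DF PROTO=TCP SPT=1046 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0
"""


def parse_line(line):
    """Return the KEY=VALUE fields of one LOG line, or None if the prefix is absent."""
    _, sep, rest = line.partition(PREFIX)
    if not sep:
        return None
    return dict(FIELD.findall(rest))


def summarize(text):
    """Count logged new connections per (protocol, destination, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        fields = parse_line(line)
        if fields is None or "DST" not in fields:
            continue  # unrelated kernel message or truncated line
        # ICMP and similar protocols carry no DPT field.
        key = (fields.get("PROTO", "?"), fields["DST"], fields.get("DPT", "-"))
        counts[key] += 1
    return counts.most_common()  # busiest destinations first


if __name__ == "__main__":
    for (proto, dst, dpt), n in summarize(SAMPLE):
        print(f"{n:5d}  {proto:<4} {dst}:{dpt}")
```

To use it on real data, pass the contents of the file where the gateway's syslog stores kernel messages to `summarize()` instead of `SAMPLE`.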