[ I realise that this may be off-topic for Debian-ISP, as I'm not an
ISP. But the expertise is out there...]

Since setting up a separate machine as firewall/router for my small home
LAN, I've had problems with accessing large emails and certain web pages
from machines on my LAN.

Symptoms: The download of pages gets a few KB, and then hangs. Short
emails download OK, but for any large(ish) ones fetchmail gets a few KB
after which it appears that nothing more is received (as if the POP3
server has hung itself).

Oddly enough, when accessing the same emails and web pages from the
firewall itself, everything works !?

If I run tproxy (Debian package: transproxy), and configure the firewall
as a proxy in the browsers, the problem goes away.

It is not 100% reproducible; it seems to be affected by other traffic on
the line.

I am beginning to suspect that it is packet fragmentation related;
according to tcpdump, quite a few more packets appear on ppp0 (the
internet connection) than on eth0 (my internal LAN).

I'm out of my depth here. Does my description above ring any bells? Any
ideas to diagnose it will be welcome!

The set-up:

firewall:
  2.4.18 kernel (ancient 66MHz 486dx, but it works :-)
  woody
  connects to ISP via diald/ppp.
  eth0 connected to home LAN (192.168.240.4/16)
  IP Masquerading, firewalling via shorewall (was quick to set up)
  DNS server with auth for LAN, forwarding for everything else
  DHCP server

client:
  2.4.18 kernel
  woody
  eth0 to home LAN
  firewall set up as default gateway

--
Karl E. Jørgensen
karl@jorgensen.com
www.karl.jorgensen.com
Please study http://www.rfc855.org