kernel 2.2.17 and PPPoE: PROBLEM SOLVED
In case I'm not the only one who has run into this problem, here's what
happened and what fixed things.
On my potato firewall box, I ran a custom 2.2.15 kernel with the stock
PPPoE package (Roaring Penguin v 1.0-1) from the Debian archive with
good results. The only problem was that for unclear reasons, some web
sites wouldn't come across the connection.
Then I tried to upgrade to a 2.2.17 kernel (still potato--which means
the 2.2.17-pre-6 source). At that, my PPPoE connection to PacBell DSL
tanked. The connection would start and then it would die after a handful
I thought that the old version of PPPoE might be the problem, since the
current Roaring Penguin version is 2.3. So I debianized and installed
the RP tarball. The new version of PPPoE still worked with the 2.2.15
kernel but not with the 2.2.17 kernel.
Finally I decided to upgrade the whole box to woody, and recompiled the
2.2.17 kernel with the 2.2.17-1 source that is in the woody
distribution. This kernel works beautifully with the RP PPPoE.
Two things seem relevant: something got fixed/improved in the kernel
source from 2.2.17-pre-6 and 2.2.17-1; and the latest version of RP's
PPPoE has an option to lower the maximum TCP segment size, which somehow
corrects the problem with getting to certain web sites (like
Bottom line: if you're having trouble with a firewall box running the
2.2.17 kernel, upgrade to woody and install the latest PPPoE from RP (ie
don't use the PPPoE in the woody distribution, which is still back at
Hope this helps anyone else avoid wasting the time I spent trying to
work this out!