
Re: pppoe problem



On Friday 10 February 2006 11:27, Dmitri Kostioukov wrote:
>Hello, I've recently started using a provider that needs pppoe and I'm
> having problems configuring my box for it. My Debian box acts as a
> router/firewall for several other computers on the network.
>
>It seems to connect fine through pppoe, gets an IP address and DNS
> servers. However, only 1 machine on the network can connect to the
> internet. Other machines have various problems. For instance, they
> hit google.com in a second, but other sites just sit there forever
> after getting the title, or some other sites get some info but never
> finish loading. The machine that does work is the one that provider's
> software was originally installed on, so I'm thinking their software
> might have changed some ethernet parameters.
>
>I think it might be an mtu blackholing issue but I don't know how to
> fix it. I tried to uncomment a line in dsl-provider file that
> decreases MTU to 1452 or 1412 and it doesn't make any difference. And
> 'ifconfig ppp0' shows 1492 always. I've read on the Ubuntu list that
> there's some problem in either pppoe or ppp that doesn't allow
> setting mtu correctly. I wonder if it's the same problem since it might be
> the same package.
>
>One other piece of info: if I plug my machine into a router that the
> provider gave, and let it handle pppoe, everything works fine. That
> router has MTU set to 1492.
>
>I'd appreciate any help at all. Thanks.

This has the waddle and quack of the MTU duck to it.  Because PPPoE uses 
an extra 8 byte header that it then strips, the common fix is to 
specify an 'mtu = 1492' in the network config someplace.

Like you, Roaring Penguin's PPPoE seemed to leave a lot to be desired, so 
I bought a router, a Linksys BEFSR41, let it worry about the mtu 
translations and everything just works.  I did have a Siemens for about 
a week, but some hacker destroyed it, I let Circuit City eat that one.

I have 2 ethernet cards in my firewall, with the other machines pointing 
their 'gateway' at the firewall's 'inside' address and accessing it thru 
an 8 port 100baseT switch on a different subnet of 192.168.xx.xx from 
the router's 192.168.1.1 address.  The router is set for gateway mode.
The firewall box has iptables between the two NICs, is doing both NAT 
and MASQUERADE.  Its gateway is the router's address.

I also run tcpwrappers and portsentry.  Paranoid?  maybe.
I've had 3 attacks make it to the logs, which is as far as they got, in 
3 years of 24/7 dsl hookups that way.

So basically, use the router, it apparently knows best, and all my 
'inside' stuff is set for an mtu = 1500, including the port facing the 
router.  It Just Works(TM) and I sleep well at night. :)

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
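
An added example, not part of the original messages: a small Python model of the MTU black hole suspected in this thread, showing why short responses arrive while large ones stall when LAN hosts at MTU 1500 sit behind a 1492-byte PPPoE link. The 40-byte IPv4+TCP header figure, the function names and the response sizes are assumptions of this example.

```python
"""Model of the PPPoE MTU black hole discussed in this thread (constructed example)."""

ETHERNET_MTU = 1500    # MTU of the 'inside' hosts, as stated in the reply
PPPOE_OVERHEAD = 8     # extra PPPoE header bytes, as stated in the reply
IP_TCP_HEADERS = 40    # assumption: IPv4 (20) + TCP (20) headers, no options


def pppoe_mtu(ethernet_mtu=ETHERNET_MTU):
    """Largest IP packet that fits in one PPPoE frame."""
    return ethernet_mtu - PPPOE_OVERHEAD


def tcp_mss(mtu):
    """Largest TCP payload per packet for a given MTU."""
    return mtu - IP_TCP_HEADERS


def fetch(response_bytes, negotiated_mss, link_mtu, icmp_delivered):
    """Return 'ok' or 'stalled' for a download that crosses the PPPoE link.

    The remote server sends don't-fragment segments of up to negotiated_mss
    bytes (the MSS the LAN host advertised). A packet larger than link_mtu is
    dropped at the PPPoE hop; the sender learns the smaller MTU only if the
    ICMP "fragmentation needed" reply actually reaches it.
    """
    mss = negotiated_mss
    remaining = response_bytes
    while remaining > 0:
        payload = min(mss, remaining)
        if payload + IP_TCP_HEADERS > link_mtu:
            if not icmp_delivered:
                return "stalled"        # black hole: sender keeps retransmitting
            mss = tcp_mss(link_mtu)     # path MTU discovery shrinks the segments
            continue
        remaining -= payload
    return "ok"


if __name__ == "__main__":
    link = pppoe_mtu()
    host_mss = tcp_mss(ETHERNET_MTU)    # what a host with MTU 1500 advertises
    print("ppp0 MTU:", link, "| host MSS:", host_mss, "| fitting MSS:", tcp_mss(link))
    print("small page, ICMP filtered:", fetch(1000, host_mss, link, False))
    print("large page, ICMP filtered:", fetch(50000, host_mss, link, False))
    print("large page, ICMP delivered:", fetch(50000, host_mss, link, True))
    print("large page, MSS lowered:   ", fetch(50000, tcp_mss(link), link, False))
```

The last case is what a host or gateway that advertises an MSS matched to the 1492-byte link achieves: no packet ever exceeds the PPPoE MTU, so the filtered ICMP no longer matters.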


