Le 10/12/2019 à 20:13, nektarios a écrit :
Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:Maybe a "MTU black hole" issue with PPPoE. Workarounds : - lower the MTU on the client side to 1492 - add a "TCPMSS --clamp-to-pmtu" iptables rule on the router
(...)
The tip you gave me really did the job! I found this page in tldp.org describing the mtu issue http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/mtu-issues.html and the I simply ran the iptables command ``` iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu ``` and it was fixed!
Please note that- It's a hack. It does not fix the actual issue (inbound packets bigger than the PMTU are silently dropped).
- It works only for TCP.- This rule works only for IPv4. If you have IPv6 connectivity, you must add a similar ip6tables rule.
- It does not work inside VPNs and tunnels which hide the actual PMTU.