Re: Probleme de MTU

Top Page

Reply to this message
Author: hervé de Dianous
Date:  
To: GUILDE
Subject: Re: Probleme de MTU
malet jean-luc alias cityhunter a écrit :
> si ton périph supporte les deux l'un ou l'autre c'est
> blanc bonnet et bonnet blanc sauf que pppoa cela marche pas avec le nat....


Quand il y a un PB, il y a *peut être* une solution :

man iptables :

TCPMSS
This target allows to alter the MSS value of TCP SYN packets,  to  con-
trol  the maximum size for that connection (usually limiting it to your
outgoing interface's MTU minus 40).  Of course, it can only be used  in
conjunction with -p tcp.
  _This  target  is  used to overcome criminally braindead ISPs_ or servers
which block ICMP Fragmentation Needed packets.  The  symptoms  of  this
problem are that everything works fine from your Linux firewall/router,
but machines behind it can never exchange large packets:
  1) Web browsers connect, then hang with no data received.
  2) Small mail works fine, but large emails hang.
  3) ssh works fine, but scp hangs after initial handshaking.
Workaround: activate this option and add a rule to your  firewall  con-
figuration like:
         iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN \
                     -j TCPMSS --clamp-mss-to-pmtu


Hé Hé !

RV2D