Cannot reach some sites using masquerading & T-DSL
Hi, I have a suse 7.1 box set up as my router so that I can access the internet from other PC's on my network. Some websites (www.realnetworks.com, www.bahn.de, www.autoscout24.de to name but a few) are not available from masqueraded machines, whereas others are accessible. The problematic sites, however, ARE accessible from the linux machine itself. Doing a traceroute reveals that the packets are getting most of the way, they just get lost at some routers (I think). I have seen other instances of people with this exact problem, but have not managed to find any answers yet. It also happened exactly the same when I was using W2K as my connected machine. More details as to my setup: ISP - German T-DSL using pppoe Suse - 7.1 - Kernel 2.4.16 IPTables (can give the rules if needed, but its just basic masquerading that works... *normally*) Since installing the linux machine as the router, I have tried a setting the MTU and MRU to 1492 but this made no difference. Interestingly, after setting them, I STILL get the following errors in the syslog when connecting... pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500 though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I dont think it is an MTU issue. I also tried reducing the MTU further (to 1300) but with no affect. The only common denominator I have seen so far from people with this problem is the use of the german T-DSL ISP. Help? :) Tom... __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Tom Francis wrote:
I have a suse 7.1 box set up as my router so that I can access the internet from other PC's on my network. Some websites (www.realnetworks.com, www.bahn.de, www.autoscout24.de to name but a few) are not available from masqueraded machines, whereas others are accessible. The problematic sites, however, ARE accessible from the linux machine itself.
Doing a traceroute reveals that the packets are getting most of the way, they just get lost at some routers (I think). [...]
Since installing the linux machine as the router, I have tried a setting the MTU and MRU to 1492 but this
You put them in the options?
made no difference. Interestingly, after setting them, I STILL get the following errors in the syslog when connecting...
pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500
though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I dont think it is an MTU issue. I also tried reducing the MTU further (to 1300) but with no affect.
You do not have to set the mtu with ifonfig, go back to 1500. You have to edit the ppoe-options-file (I now do not know how it is named) and teher have to be the lines mtu=1492 mru=1492 Does it work after restart of ppoed? Rene
Since installing the linux machine as the router, I have tried a setting the MTU and MRU to 1492 but this
You put them in the options?
Yes I did.
made no difference. Interestingly, after setting them, I STILL get the following errors in the syslog when connecting...
pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500
though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I dont think it is an MTU issue. I also tried reducing the MTU further (to 1300) but with no affect.
You do not have to set the mtu with ifonfig, go back to 1500.
I was only using ifconfig to confirm that the MTU had been changed. I was setting it in the options as you described below. It also behaves the same if you leave it at 1500.
You have to edit the ppoe-options-file (I now do not know how it is named) and teher have to be the lines
mtu=1492 mru=1492
Does it work after restart of ppoed?
I have those lines in my /etc/ppp/options (also tried it in options.eth1). Retarting the pppd is how I have been making the new settings active, but it still behaves the same. pppd uses the pppoe plugin using this line in the ppp options file... plugin /usr/lib/pppd/2.4.1/pppoe.so
Rene
Cheers, Tom... __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Hi Do You have Your LAN addresses legal? Ie. like 192.168.0.xxx or 10.xxx.xxx.xxx ? If not, it might happen that Your router thinks that those web-sites are in Your LAN, and thus does route / masquerade correctly. I have seen this happen in some cases. Jaska. Viestissä Torstai 3. Tammikuuta 2002 12:46, Tom Francis kirjoitti:
Since installing the linux machine as the router,
I
have tried a setting the MTU and MRU to 1492 but
this
You put them in the options?
Yes I did.
made no difference. Interestingly, after setting
them,
I STILL get the following errors in the syslog
when
connecting...
pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500
though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I
dont
think it is an MTU issue. I also tried reducing
the
MTU further (to 1300) but with no affect.
You do not have to set the mtu with ifonfig, go back to 1500.
I was only using ifconfig to confirm that the MTU had been changed. I was setting it in the options as you described below. It also behaves the same if you leave it at 1500.
You have to edit the ppoe-options-file (I now do not know how it is named) and teher have to be the lines
mtu=1492 mru=1492
Does it work after restart of ppoed?
I have those lines in my /etc/ppp/options (also tried it in options.eth1). Retarting the pppd is how I have been making the new settings active, but it still behaves the same. pppd uses the pppoe plugin using this line in the ppp options file...
plugin /usr/lib/pppd/2.4.1/pppoe.so
Rene
Cheers,
Tom...
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
Hi,
I never thought of that, but i'm afraid thats all in
order :) the local network is 192.168.0.0/24
Also, 99% of stuff routes fine, its just a very few
websites that cause the probs.
Thanks,
Tom...
--- Jaakko Tamminen
Hi
Do You have Your LAN addresses legal? Ie. like 192.168.0.xxx or 10.xxx.xxx.xxx ?
If not, it might happen that Your router thinks that those web-sites are in Your LAN, and thus does route / masquerade correctly.
I have seen this happen in some cases. Jaska.
Since installing the linux machine as the router,
I
have tried a setting the MTU and MRU to 1492 but
this
You put them in the options?
Yes I did.
made no difference. Interestingly, after setting
them,
I STILL get the following errors in the syslog
when
connecting...
pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500
though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I
dont
think it is an MTU issue. I also tried reducing
the
MTU further (to 1300) but with no affect.
You do not have to set the mtu with ifonfig, go back to 1500.
I was only using ifconfig to confirm that the MTU had been changed. I was setting it in the options as you described below. It also behaves the same if you leave it at 1500.
You have to edit the ppoe-options-file (I now do not know how it is named) and teher have to be the lines
mtu=1492 mru=1492
Does it work after restart of ppoed?
I have those lines in my /etc/ppp/options (also
it in options.eth1). Retarting the pppd is how I have been making the new settings active, but it still behaves the same.
Viestissä Torstai 3. Tammikuuta 2002 12:46, Tom Francis kirjoitti: tried pppd
uses the pppoe plugin using this line in the ppp options file...
plugin /usr/lib/pppd/2.4.1/pppoe.so
Rene
Cheers,
Tom...
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
OK,
I didnt have this in my iptables...
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu
Most stuff worked without it except for a handful of
sites.
I just got someone else to try it and I think thats
done it.
What is mss anyway?
Cheers for all your help :)
Tom...
--- Tom Francis
I have a suse 7.1 box set up as my router so that I can access the internet from other PC's on my network. Some websites (www.realnetworks.com, www.bahn.de, www.autoscout24.de to name but a few) are not available from masqueraded machines, whereas others are accessible. The problematic sites, however, ARE accessible from the linux machine itself.
Doing a traceroute reveals that the packets are getting most of the way, they just get lost at some routers (I think).
I have seen other instances of people with this exact problem, but have not managed to find any answers yet. It also happened exactly the same when I was using W2K as my connected machine.
More details as to my setup:
ISP - German T-DSL using pppoe Suse - 7.1 - Kernel 2.4.16 IPTables (can give the rules if needed, but its just basic masquerading that works... *normally*)
Since installing the linux machine as the router, I have tried a setting the MTU and MRU to 1492 but this made no difference. Interestingly, after setting them, I STILL get the following errors in the syslog when connecting...
pppd: Couldn't increase MTU to 1500 pppd: Couldn't increase MRU to 1500
though checking using ifconfig, the MTU *is* set correctly on both eth1(dsl connex) and ppp0 so I dont think it is an MTU issue. I also tried reducing the MTU further (to 1300) but with no affect.
The only common denominator I have seen so far from people with this problem is the use of the german T-DSL ISP.
Help? :)
Tom...
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
participants (3)
-
Jaakko Tamminen
-
Rene Engelhard
-
Tom Francis