<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: MTU problem - linux + windows
From: Arik Baratz <arikb,AT,vidius,DOT,co,DOT,il>
Date: Tue, 12 Feb 2002 21:56:35 +0100

Hello all

Setting up cipe-1.5.2/linux-2.4.3 and cipe-w32-2.0-pre9/win2k has been a 
breeze,
once I figured out that the local PTP address has to be set from the network
control panel applet and not the cipe applet. The service doesn\'t start
automatically (yes, it is set up to start automatically in the services 
applet),
but for my application it is unecessary.

However, I am having trouble with the ol\' MTU issue.

For some reason, no matter how I set the MTU on the cipe interface on the 
Linux
side, I still get back packets from a TCP connection that are 1446 bytes long,
with the DF flag on. These are dropped by cipe.

When I set up ADSL sharing I\'ve used the netfilter magic mss clamp:

iptables -I FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS
--clamp-mss-to-pmtu

but it doesn\'t seem like it\'s doing anything usefull to my TCP connections.
When the connection is established, the cipe interface on the linux side 
sends a
SYN request with mss 1446, which is transmitted verbatim. The reply ack has 
MSS
of 1460 and is converted to 1402 when sent on the cipe interface.

Has anyone else come across this problem? I have been through the archives 
but I
can\'t really make it out.

My network config:

         win2k      -----      linux       -----  nat/firewall/router
real   10.2.0.2              10.2.0.1
ptp    10.3.0.1              10.3.1.1

the default route for the win2k machine is 10.3.1.1, and there is routing set 
up
on the firewall so that it routes packets to the 10.3 network to the linux
machine.

Arik Baratz
System Engineer
arikb,AT,vidius,DOT,com

Office:
4 Hamelacha St.
Raa&#8217;nana 43661
ISRAEL

Tel:    +972 (9) 743-9250 ext. 214
Fax:   +972 (9) 743-9251
Cell:  +972 (52) 354 959
eFax: +1 (978) 926-8913
ICQ:  210 8214

Privileged and / or confidential Information may be contained in this 
electronic
mail message. 

You may not copy or deliver this message to anyone without my consent.

If you are not the addressee indicated in this message, or you feel that this
message is not intended for you, Please destroy this message and kindly notify
the sender by replying to this electronic mail.

Please advise immediately if you or your employer do not agree to the use of
Internet email for messages of this kind.

Opinions, conclusions and other information in this message that do not relate
to the official business of Vidius shall be understood as neither given nor
endorsed by it.





<< | Thread Index | >> ]    [ << | Date Index | >> ]