Date: Mon, 12 Mar 2001 19:35:52 -0500
From: Mike Tancsa <mike@sentex.net>
To: parmor@dotnet.com ("Paul Armor")
Cc: questions@freebsd.org
Subject: Re: PPPoE
Message-ID: <jmqqatkh2u0u78bunb049r8h2q5t3m27l2@4ax.com>
In-Reply-To: <SEN.984420580.236493205@news.sentex.net>
References: <SEN.984420580.236493205@news.sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12 Mar 2001 13:09:40 -0500, in sentex.lists.freebsd.questions you = wrote: >Okay, I feel stupid... > >I've got a 4.2 Release box set up as a firewall with some clients behind= it. >I'm using my BSD box as PPPoE client. My problem is the "win clients = can't >get to certain web sites" issue, I've verified by sending large ping = packet > This is a fairly well documented issue with PPPoE. Have a look at the = NAT section of the FAQ. The problem has to do with MTU. You have several options to fix the issue. ---Mike =46rom the FAQ... 10.27. Why do MacOS and Windows 98 connections freeze when running PPPoE = on the gateway Thanks to Michael Wozniak <mwozniak@netcom.ca> for figuring this out and Dan Flemming <danflemming@mac.com> for the Mac solution: This is due to what's called a ``Black Hole'' router. MacOS and Windows = 98 (and maybe other Microsoft OSs) send TCP packets with a requested segment size too big to fit into a PPPoE frame (MTU is 1500 by default for ethernet) and have the ``don't fragment'' bit set (default of TCP) and = the Telco router is not sending ICMP ``must fragment'' back to the www site = you are trying to load. (Alternatively, the router is sending the ICMP packet correctly, but the firewall at the www site is dropping it.) When the www server is sending you frames that don't fit into the PPPoE pipe the Telco router drops them on the floor and your page doesn't load (some pages/graphics do as they are smaller than a MSS.) This seems to be the default of most Telco PPPoE configurations (if only they knew how to program a router... sigh...) One fix is to use regedit on your 95/98 boxes to add the following = registry entry... HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\NetTrans\0000\= MaxMTU =20 It should be a string with a value ``1450'' (more accurately it should be ``1464'' to fit TCP packets into a PPPoE frame perfectly but the ``1450'' gives you a margin of error for other IP protocols you may encounter). = This registry key is reported to have moved to Tcpip\Parameters\Interfaces\ID for adapter\MTU in Windows 2000. Refer to Microsoft Knowledge Base documents ``Q158474 - Windows TCPIP Registry Entries'' and ``Q120642 - TCPIP & NBT Configuration Parameters = for Windows NT '' for more information on changing Windoze MTU to work with a =46reeBSD/NAT/PPPoE router. Unfortunately, MacOS does not provide an interface for changing TCP/IP settings. However, there is commercial software available, such as OTAdvancedTuner (OT for OpenTransport, the MacOS TCP/IP stack) by Sustainable Softworks, that will allow users to customize TCP/IP = settings. MacOS NAT users should select ip_interface_MTU from the drop-down menu, enter 1450 instead of 1500 in the box, click the box next to Save as Auto Configure, and click Make Active. The latest version of ppp (2.3 or greater) has an enable tcpmssfixup command that will automatically adjust the MSS to an appropriate value. This facility is enabled by default. If you're stuck with an older = version of ppp, you may want to look at the tcpmssd port. Mike Tancsa (mdtancsa@sentex.net) =09 Sentex Communications Corp, =09 Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers=20 could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?jmqqatkh2u0u78bunb049r8h2q5t3m27l2>