From owner-freebsd-net@FreeBSD.ORG Thu Jul 17 02:38:15 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CD925106564A for ; Thu, 17 Jul 2008 02:38:15 +0000 (UTC) (envelope-from linxiaosong@keynet.com.cn) Received: from mail.keynet.com.cn (keynet.com.cn [218.78.217.105]) by mx1.freebsd.org (Postfix) with ESMTP id 380C98FC12 for ; Thu, 17 Jul 2008 02:38:15 +0000 (UTC) (envelope-from linxiaosong@keynet.com.cn) Received: from localhost (localhost [127.0.0.1]) by mail.keynet.com.cn (Postfix) with SMTP id D396B313 for ; Thu, 17 Jul 2008 10:22:10 +0800 (CST) Received: from r00t.keynet.com.cn (cybertro-9c2753.keynet.com.cn [172.18.30.198]) by mail.keynet.com.cn (Postfix) with ESMTPSA id 4F0EB311 for ; Thu, 17 Jul 2008 10:21:57 +0800 (CST) Message-ID: <487EACC5.1060109@keynet.com.cn> Date: Thu, 17 Jul 2008 10:21:57 +0800 From: Wasily Lin User-Agent: Thunderbird 2.0.0.9 (X11/20080213) MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-DSPAM-Result: Innocent X-DSPAM-Processed: Thu Jul 17 10:22:10 2008 X-DSPAM-Confidence: 1.0000 X-DSPAM-Probability: 0.0023 X-DSPAM-Signature: 487eacd27993450375810 X-DSPAM-Factors: 27, What's, 0.40000, but, 0.40000, but, 0.40000, operator+set, 0.40000, 47, 0.40000, user+user, 0.40000, 5+1, 0.40000, fine+for, 0.40000, 1(0), 0.40000, 1(0), 0.40000, incoming+radius, 0.40000, 4700375, 0.40000, 4700375, 0.40000, 09+44, 0.40000, 09+44, 0.40000, netflow+in, 0.40000, , 0.40000, 1+xxxxxxxx, 0.40000, 10, 0.40000, 10, 0.40000, 0xffffffff+PPPoE, 0.40000 Subject: mpd5.1 MTU problem X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Jul 2008 02:38:15 -0000 Hello, I set up a PPPoE server on FreeBSD 7.0(amd64) with mpd 5.1 and it works fine for all clients except for my FreeBSD 7.0(i386) Notebook. Connecting has no problem and I get ip but all website can not be access even on PPPoE server itself(Apache installed), so can not ftp site. I've used mpd 5.1_1 and pppoe(built-in) as pppoe client but the problem was same - can not access http/ftp..., only icmp works. I think the problem is MTU then changed that but no effects. Now my configuration: PPPoE Server: startup: set netflow peer 127.0.0.1 1813 set user admin xxxxx admin set user operator xxxxx operator set user user xxxxx user set console open default: load pppoe_server pppoe_server: create bundle template B set ippool add pool 10.0.0.100 10.0.0.200 set iface enable netflow-in set iface enable netflow-out set iface enable ipacct set iface enable proxy-arp set iface mtu 1460 <-----------------------! set ipcp ranges 10.0.0.1/32 ippool pool set ipcp dns 172.18.30.125 create link template common pppoe set link enable pap set link disable chap set link enable multilink set link action bundle B load radius create link template em0 common set link max-children 1000 set pppoe iface em0 set link enable incoming radius: set radius server 127.0.0.1 xxxxxxxx 1812 1813 set radius retries 3 set radius timeout 3 set radius me 127.0.0.1 set auth max-logins 1 set auth acct-update 300 set auth enable radius-auth set auth enable radius-acct set radius enable message-authentic PPPoE client: startup: set user admin xxxxx admin set console open default: load pppoe_client pppoe_client: create bundle static B1 set iface route default set ipcp ranges 0.0.0.0/0 0.0.0.0/0 create link static L1 pppoe set link action bundle B1 set auth authname xxxxxx set auth password xxxxxx set link max-redial 0 set link keep-alive 10 60 set pppoe iface em0 set pppoe service "" open After connected: PPPoE server: ng15: flags=88d1 metric 0 mtu 1460 inet 10.0.0.1 --> 10.0.0.115 netmask 0xffffffff PPPoE client: ng0: flags=88d1 metric 0 mtu 1460 inet 10.0.0.115 --> 10.0.0.1 netmask 0xffffffff tcpdump output: PPPoE server: pppoe# tcpdump -i ng15 -ln host 10.0.0.1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ng15, link-type NULL (BSD loopback), capture size 96 bytes 10:08:44.469993 IP 10.0.0.115.60331 > 10.0.0.1.80: S 2092758811:2092758811(0) win 65535 10:08:44.470056 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:08:47.469997 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:08:53.469978 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:09:05.469918 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:09:44.972709 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win 8272 10:09:44.972744 IP 10.0.0.1.80 > 10.0.0.115.60331: R 687014729:687014729(0) win 0 PPPoE client: r00t# tcpdump -i ng0 -ln host 10.0.0.1 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ng0, link-type NULL (BSD loopback), capture size 96 bytes 10:12:06.792399 IP 10.0.0.115.60331 > 10.0.0.1.80: S 2092758811:2092758811(0) win 65535 10:12:06.793151 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:06.793178 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:09.793385 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:09.793414 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:15.793331 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:15.793358 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:12:27.793227 IP 10.0.0.1.80 > 10.0.0.115.60331: S 687014728:687014728(0) ack 2092758812 win 65535 10:12:27.793255 IP 10.0.0.115.60331 > 10.0.0.1.80: . ack 1 win 8272 10:13:07.294273 IP 10.0.0.115.60331 > 10.0.0.1.80: F 1:1(0) ack 1 win 8272 10:13:07.295358 IP 10.0.0.1.80 > 10.0.0.115.60331: R 687014729:687014729(0) win 0 As you can see, tcp/ack from client can not go through but tcp/syn, tcp/fin are fine. What's the reason? I've used the same client to connect to ISP's ADSL and work fine so what I am sure is the server refused my tcp/ack. But why? Thanks all. BSD4LZX !DSPAM:487eacd27993450375810!