From owner-freebsd-hackers Wed Dec 2 08:46:49 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA11794 for freebsd-hackers-outgoing; Wed, 2 Dec 1998 08:46:49 -0800 (PST) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from smtp1.vnet.net (smtp1.vnet.net [166.82.1.31]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA11786 for ; Wed, 2 Dec 1998 08:46:47 -0800 (PST) (envelope-from rivers@dignus.com) Received: from dignus.com (ponds.vnet.net [166.82.177.48]) by smtp1.vnet.net (8.9.1a/8.9.1) with ESMTP id LAA04936; Wed, 2 Dec 1998 11:46:23 -0500 (EST) Received: from lakes.dignus.com (lakes.dignus.com [10.0.0.3]) by dignus.com (8.9.1/8.8.5) with ESMTP id MAA01533; Wed, 2 Dec 1998 12:26:41 -0500 (EST) Received: (from rivers@localhost) by lakes.dignus.com (8.9.1/8.6.9) id LAA09094; Wed, 2 Dec 1998 11:47:03 -0500 (EST) Date: Wed, 2 Dec 1998 11:47:03 -0500 (EST) From: Thomas David Rivers Message-Id: <199812021647.LAA09094@lakes.dignus.com> To: eischen@vigrid.com, nate@mt.sri.com Subject: Re: TCP bug Cc: dillon@apollo.backplane.com, hackers@FreeBSD.ORG, luigi@labinfo.iet.unipi.it In-Reply-To: <199812021636.JAA06068@mt.sri.com> Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > > No, 10% of machines out on the big bad Internet don't work. (I'm > > > guessing at the 10% number. It may be higher/lower, but about 10% of > > > the sites I try to contact don't work.) > > > > > > 90% of the sites *OUTSIDE MY NETWORK* that I attempt to contact on these > > > internal machines work, and all of my network machines can talk to one > > > another. > > > > OK, I got it now ;-) > > > > > > If you sit at the router, can you ping those systems (assuming > > > > they can be pinged)? > > > > > > If I sit on the machine who can't make the WWW connections I can ping > > > the remote sites if they haven't blocked out ICMP packets to me. I > > > simply can't make TCP connections to them. > > > > That's pretty strange. So the router can't make TCP connections to > > these sites either? > > No, the router can, but any machines hung off it's ethernet can't. On a > whim (based on a hint I got from Karl Peilorz) I changed the MTU on the > router (which is running SLIP to get to the net) from 552 to 1500, and > now things work. > > The strange things is that that the mtu of the SLIP interface if/was 552 > and all traffic that originated on that box was fine, and the mtu on the > ethernet interface was 1500, and traffic generated from there did not > work. > > I would have thought that you wouldn't need to fragment any packets that > had a mtu of 552 to stick it on an ethernet with an mtu of 1500. > > I need to lookmore into this... > > > Nate Just to add to this; I've got exactly the same symptoms; which I previously reported. On my internal network; I can't get to some sites (www.aol.com being the best example.) But, If I'm on the gateway machine - it has no problems getting there. Thus, I was implicating natd. And - it so happens; my connection is a SL/IP connection, and my MTU is 552. I'm betting there's something going on with natd and packet fragmentation. Several people unsuccessfully tried to duplicate my problem; but I'm wondering now if they were using PPP or something else that had a higher MTU, and, thus, didn't fragment any packets. - Dave Rivers - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message