From owner-freebsd-hackers  Wed Dec  2 09:07:02 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA13463
          for freebsd-hackers-outgoing; Wed, 2 Dec 1998 09:07:02 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from relay.ucb.crimea.ua (relay.ucb.crimea.ua [194.93.177.113])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA13343
          for <hackers@FreeBSD.ORG>; Wed, 2 Dec 1998 09:04:55 -0800 (PST)
          (envelope-from ru@ucb.crimea.ua)
Received: (from ru@localhost)
	by relay.ucb.crimea.ua (8.8.8/8.8.8) id SAA05942;
	Wed, 2 Dec 1998 18:58:08 +0200 (EET)
	(envelope-from ru)
Date: Wed, 2 Dec 1998 18:58:08 +0200
From: Ruslan Ermilov <ru@ucb.crimea.ua>
To: Thomas David Rivers <rivers@dignus.com>
Cc: eischen@vigrid.com, nate@mt.sri.com, dillon@apollo.backplane.com,
        hackers@FreeBSD.ORG, luigi@labinfo.iet.unipi.it
Subject: Re: TCP bug
Message-ID: <19981202185808.A4604@ucb.crimea.ua>
Mail-Followup-To: Thomas David Rivers <rivers@dignus.com>,
	eischen@vigrid.com, nate@mt.sri.com, dillon@apollo.backplane.com,
	hackers@FreeBSD.ORG, luigi@labinfo.iet.unipi.it
References: <199812021636.JAA06068@mt.sri.com> <199812021647.LAA09094@lakes.dignus.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.94.17i
In-Reply-To: <199812021647.LAA09094@lakes.dignus.com>; from Thomas David Rivers on Wed, Dec 02, 1998 at 11:47:03AM -0500
X-Operating-System: FreeBSD 2.2.7-STABLE i386
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Dec 02, 1998 at 11:47:03AM -0500, Thomas David Rivers wrote:
> 
>  Just to add to this; I've got exactly the same symptoms; which I previously
> reported.
> 
>  On my internal network; I can't get to some sites (www.aol.com being
> the best example.)
> 
>  But, If I'm on the gateway machine - it has no problems getting there.
> 
>  Thus, I was implicating natd.
> 
>  And - it so happens; my connection is a SL/IP connection, and my MTU
> is 552.
> 
>  I'm betting there's something going on with natd and packet fragmentation.
> 
>  Several people unsuccessfully tried to duplicate my problem; but I'm 
> wondering now if they were using PPP or something else that had a higher 
> MTU, and, thus, didn't fragment any packets.
> 
> 	- Dave Rivers -

Some sites block ICMP and thus break PMTU discovery.
You can work around this problem by disabling PMTU discovery
on all your FreeBSD boxes. This is done by locking MTU on route.
I use:

route change default -mtu 1500 (for Ethernet)
route change default -mtu 552 (for SLIP)

After this everything works fine even with sites that block ICMP.
I had this problem some time ago, when Hub.FreeBSD.org was blocking
ICMP.

-- 
Ruslan Ermilov		Sysadmin and DBA of the
ru@ucb.crimea.ua	United Commercial Bank
+380.652.247.647	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message