On Monday 28 March 2005 14:43, Michael Sierchio wrote:
> George Bourozikas wrote:
> >> 2) short packets (ping's, SSH negotiations) traverse the link fine
> >> 3) Longer packets get dropped. I have confirmed this with tcpdump.
> >> When I change the client MTU to 1400 everything works fine, but I need
> >> a more systemic solution because I will not have access to all
> >> potential clients.
> If the problem is fixed by MTU size munging (thereby avoiding fragmented
> packets) it seems reasonable to suspect that fragmented packets
> are being dropped -- by a firewall rule?
All my rules "allow fragmented packets." Which makes it even more