I have a lot of problem regarding MTU and fragmentation in my Monowall
setup. Im currently running version 1.3b4
 
WAN MTU is default 1500
 
I see the following in my firewall log:
 
 
Time Interface source Destination proto    
 
09:54:48.343646 WAN MYWANIP SOME WEBSITE, type unreach/needfrag ICMP
 
 
 
I've tried to explicit. allow ICMP on the WAN interface - which does not
make a difference.
Also every rule (LAN/WAN) allows fragmented packages. Any idea whats going
on?
 
The result is, that some webpages (such as google) are viewable, while
others (such as bbc.com) never shows up.
 
Do you have any suggestions?
 
BR
/Søren