[ previous ] [ next ] [ threads ]
 
 From:  Barry Murphy <barry at unix dot co dot nz>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  I was hoping someone on the list could help with this...
 Date:  Mon, 12 Jul 2004 13:57:44 +1200
My network looks like this... 

[client] --wireless-- [debian pptp] --vtun-- [colobox] 

When the client connects to the pptp server it gets an MTU of 1396. The VTUN between the pptp server
and the colobox has the MTU of 1396 too. Previously I had this set to 1450 for the vtun as it worked
liked that for freebsd. 

When the vtun had the MTU of 1450 I couldnt view sites such as, microsoft.com , ebay.com ,
xtra.co.nz , clear.net.nz , and a number of others. When looking at the tcpdump it was moaning about
the ICMP to the site unreachable and something about 1396 MTU dropped. When doing an icmp ping it
was fine, so I'm guessing this is something with the MTU setting.

After setting the MTU on the vtun to 1396 I could now get to clear.net.nz and a select few other
sites, but i still cant get to the main ones like microsoft.com , xtra.co.nz ebay.com etc, it would
also apear msn doesnt login. Parts of yahoo.com and dell.com load but not the images. 

The only time this whole setup works is if i setup nat on the debian pptp server, if i use nat, it
tends to work with no problems, perhaps this has something to do with re-writing the MTU packets or
something. 

Interfaces: 

ppp0 Link encap:Point-to-Point Protocol 
inet addr:219.88.249.82 P-t-P:219.88.249.84 Mask:255.255.255.255 
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1 
RX packets:764 errors:0 dropped:0 overruns:0 frame:0 
TX packets:836 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:3 
RX bytes:126537 (123.5 KiB) TX bytes:390570 (381.4 KiB) 

tun0 Link encap:Point-to-Point Protocol 
inet addr:10.6.0.2 P-t-P:10.6.0.1 Mask:255.255.255.255 
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1 
RX packets:46104 errors:0 dropped:0 overruns:0 frame:0 
TX packets:51842 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:10 
RX bytes:7412113 (7.0 MiB) TX bytes:4054542 (3.8 MiB) 


Here is the whole tcpdump of a site that doesnt load: 

tcpdump: listening on ppp0 
11:00:07.797649 219.88.249.84.1714 > 202.27.184.102.www: R 1194525045:1194525045(0) win 0 (DF) 
11:00:07.829472 219.88.249.84.1717 > 202.27.184.102.www: S 1195859394:1195859394(0) win 16384 <mss
1360,nop,nop,sackOK> (DF) 
11:00:07.842256 202.27.184.102.www > 219.88.249.84.1717: S 1595383606:1595383606(0) ack 1195859395
win 25840 <nop,nop,sackOK,mss 1460> (DF) 
11:00:07.865353 219.88.249.84.1717 > 202.27.184.102.www: . ack 1 win 17680 (DF) 
11:00:07.870095 219.88.249.84.1717 > 202.27.184.102.www: P 1:359(358) ack 1 win 17680 (DF) 
11:00:07.887751 202.27.184.102.www > 219.88.249.84.1717: . ack 359 win 25840 (DF) 
11:00:07.889276 202.27.184.102.www > 219.88.249.84.1717: P 1:211(210) ack 359 win 25840 (DF) 
11:00:07.891951 202.27.184.102.www > 219.88.249.84.1717: F 211:211(0) ack 359 win 25840 (DF) 
11:00:07.929666 219.88.249.84.1717 > 202.27.184.102.www: F 359:359(0) ack 211 win 17470 (DF) 
11:00:07.931676 219.88.249.84.1718 > 202.27.184.102.www: S 1195948601:1195948601(0) win 16384 <mss
1360,nop,nop,sackOK> (DF) 
11:00:07.934114 219.88.249.84.1717 > 202.27.184.102.www: . ack 212 win 17470 (DF) 
11:00:07.942209 202.27.184.102.www > 219.88.249.84.1717: . ack 360 win 25840 (DF) 
11:00:07.946255 202.27.184.102.www > 219.88.249.84.1718: S 2262051873:2262051873(0) ack 1195948602
win 25840 <nop,nop,sackOK,mss 1460> (DF) 
11:00:07.986521 219.88.249.84.1718 > 202.27.184.102.www: . ack 1 win 17680 (DF) 
11:00:07.989003 219.88.249.84.1718 > 202.27.184.102.www: P 1:368(367) ack 1 win 17680 (DF) 
11:00:08.005377 202.27.184.102.www > 219.88.249.84.1718: . ack 368 win 25840 (DF) 
11:00:08.014699 202.27.184.102.www > 219.88.249.84.1718: P 1:159(158) ack 368 win 25840 (DF) 
11:00:08.051243 219.88.249.84.1718 > 202.27.184.102.www: P 368:727(359) ack 159 win 17522 (DF) 
11:00:08.070242 202.27.184.102.www > 219.88.249.84.1718: . ack 727 win 25840 (DF) 
11:00:08.074648 202.27.184.102.www > 219.88.249.84.1718: P 159:301(142) ack 727 win 25840 (DF) 
11:00:08.082231 202.27.184.102.www > 219.88.249.84.1718: P 4381:4791(410) ack 727 win 25840 (DF) 
11:00:08.109592 219.88.249.84.1718 > 202.27.184.102.www: . ack 301 win 17380 <nop,nop,sack sack 1
{4381:4791} > (DF) 


Here is PART of a tcpdump of a working site: 

tcpdump: listening on ppp0 
10:58:12.410287 143.166.224.238.www > 219.88.249.84.1648: R 4130012824:4130012824(0) ack 1153625121
win 0 (DF) 
10:58:12.420010 219.88.249.84.1647 > 143.166.224.238.www: P 1153588488:1153588840(352) ack
2095261516 win 17233 (DF) 
10:58:12.623370 143.166.224.238.www > 219.88.249.84.1647: . 1:1357(1356) ack 352 win 16976 (DF) 
10:58:12.625866 143.166.224.238.www > 219.88.249.84.1647: P 1357:1449(92) ack 352 win 16976 (DF) 
10:58:12.672400 219.88.249.84.1647 > 143.166.224.238.www: . ack 1449 win 17680 (DF) 
10:58:28.729376 219.88.249.84.1640 > 65.54.183.192.https: R 1148962420:1148962420(0) win 0 (DF) 
10:58:28.796109 219.88.249.84.1639 > 207.46.107.78.1863: F 1148668902:1148668902(0) ack 1329323901
win 17342 (DF) 
10:58:28.958480 207.46.107.78.1863 > 219.88.249.84.1639: . ack 1 win 17525 
10:58:28.962727 207.46.107.78.1863 > 219.88.249.84.1639: F 1:1(0) ack 1 win 17525 
10:58:29.010329 219.88.249.84.1639 > 207.46.107.78.1863: . ack 2 win 17342 (DF) 
10:58:30.803629 219.95.32.22.4635 > 219.88.249.84.2745: S 177694484:177694484(0) win 16384 <mss
1432,nop,nop,sackOK> (DF) 
10:58:30.813917 219.95.32.22.4637 > 219.88.249.84.1025: S 177792707:177792707(0) win 16384 <mss
1432,nop,nop,sackOK> (DF) 
10:58:30.822727 219.88.249.84.2745 > 219.95.32.22.4635: R 0:0(0) ack 177694485 win 0 
10:58:30.840382 219.88.249.84.1025 > 219.95.32.22.4637: S 1167359763:1167359763(0) ack 177792708 win
17680 <mss 1360,nop,nop,sackOK> (DF) 
10:58:31.442864 219.95.32.22.4637 > 219.88.249.84.1025: . ack 1 win 17680 (DF) 
10:58:31.736730 219.95.32.22.4635 > 219.88.249.84.2745: S 177694484:177694484(0) win 16384 <mss
1432,nop,nop,sackOK> (DF) 
10:58:31.747696 219.88.249.84.2745 > 219.95.32.22.4635: R 0:0(0) ack 1 win 0 
10:58:41.403959 219.95.32.22.4637 > 219.88.249.84.1025: P 1:73(72) ack 1 win 17680 (DF) 
10:58:41.448162 219.88.249.84.1025 > 219.95.32.22.4637: P 1:61(60) ack 73 win 17608 (DF) 
10:58:41.982492 219.95.32.22.4637 > 219.88.249.84.1025: P 2793:2977(184) ack 61 win 17620 (DF) 
10:58:41.991914 219.88.249.84.1025 > 219.95.32.22.4637: . ack 73 win 17608 <nop,nop,sack sack 1
{2793:2977} > (DF) 
10:58:42.258954 219.95.32.22.4637 > 219.88.249.84.1025: . 73:1429(1356) ack 61 win 17620 (DF) 
10:58:42.409667 219.88.249.84.1025 > 219.95.32.22.4637: . ack 1429 win 17680 <nop,nop,sack sack 1
{2793:2977} > (DF) 
10:58:42.426074 219.95.32.22.4637 > 219.88.249.84.1025: . 1429:2785(1356) ack 61 win 17620 (DF) 
10:58:42.616712 219.88.249.84.1025 > 219.95.32.22.4637: . ack 2785 win 16324 <nop,nop,sack sack 1
{2793:2977} > (DF)