[ previous ] [ next ] [ threads ]
 
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Frederick Page <fpage at thebetteros dot oche dot de>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] accessing netbsd.org from behind m0n0wall
 Date:  Wed, 08 Sep 2004 11:35:28 +0200
On 08.09.2004 01:54 +0200, Frederick Page wrote:

> Same here: also have a Soekris net4801, m0n0wall 1.1,
> DSL-connection. Browser (tried IE and Firebird on XP, Firebird on
> OpenBSD and lynx on Linux) just hangs and keeps waiting forever.

I can reproduce this with my m0n0wall at home (FreeBSD
client/PPPoE/ADSL) too. The problem doesn't seem to be that MSS
clamping is not working, but rather that NetBSD sends packets larger
than [MSS + 40 bytes], which are then fragmented and the fragments
blocked by ipfilter for some reason.

Turning off timestamps in the FreeBSD client (sysctl
net.inet.tcp.rfc1323=0) makes it work.

This is probably related:
<http://www.netbsd.org/cgi-bin/query-pr-single.pl?number=20461>

- Manuel