On Fri, May 26, 2000 at 11:35:09PM -0600, Brook Milligan wrote:
> I have a ppp server (1.4.2/i386) acting as a gateway between the
> internet and a dialup line.  Most protocols seem to work fine (e.g., I
> can ping/traceroute/ftp/telnet all over the net), so I think the
> routing is being handled fine and the basic setup is ok.
> 
> However, establishing connections via http are eratic; some "nearby"
> hosts work fine, others get lost.  My naive watching with tcpdump
> suggests that packets that enter the gateway via the ethernet
> interface (we0) don't always get forwarded to the ppp (ppp0)
> interface.  On the other hand, all packets from the ppp interface seem
> to be forwarded to the ethernet interface.
> 
> For example, the two sequences below record packets simultaneously
> from each of the two interfaces on the ppp server that result from
> executing the command ftp http://www.netbsd.org/Index.html from a box
> connected via the ppp link.  It seems to me that the first 5 packets
> are forwarded, 1 is lost, 2 are forwarded, a bunch are lost, and the
> last two (resulting from ^C exit from ftp) are forwarded.

What's the MTU of you ppp link ? Is it possible that ICMP messages are
blocked ? It seems that 204.152.186.171 has path MTU discovery turned on
(DF bit set in packets) so you have to make sure that your gateway can send
ICMP messages to the internet, or change the MTU of you ppp link to 1500
(MTU of ethernet). The second solution will be more reliable because
some site have broken configs: ICMP messages are blocked but their public
servers still have PMTU on.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--