On Thu, Mar 11, 2004 at 04:20:19AM +0100, Mirko Thiesen wrote:
> On Wed, 10 Mar 2004, Steven Sartorius wrote:
> 
> > Hi,
> 
> Hi Steven,
> 
> > 10/03/2004 21:45:14.383215 pppoe0 @0:3 b 204.152.184.116 ->
> > 138.89.34.68 PR tcp len 20 (28) frag 8@1472 IN
> > 10/03/2004 21:45:34.882516 pppoe0 @0:3 b 204.152.184.116 ->
> > 138.89.34.68 PR tcp len 20 (28) frag 8@1472 IN
> > 10/03/2004 21:46:18.381955 pppoe0 @0:3 b 204.152.184.116 ->
> > 138.89.34.68 PR tcp len 20 (28) frag 8@1472 IN
> > 10/03/2004 21:46:38.881335 pppoe0 @0:3 b 204.152.184.116 ->
> > 138.89.34.68 PR tcp len 20 (28) frag 8@1472 IN
> > 10/03/2004 21:47:22.380782 pppoe0 @0:3 b 204.152.184.116 ->
> > 138.89.34.68 PR tcp len 20 (28) frag 8@1472 IN
> 
> as you can see in the above posted log the data packets coming from your
> system get fragmented at 1472 bytes (which is quite common for PPPoE
> setups). Read the section about MTU in the pppoe manpage, and be sure to
> set an appropriate (= low) MTU value on your pppoe0 interface. If you've
> got more than this system and your NetBSD box acts as a router, it might
> be advisable to change the MTU value of your entire network, too.

Or just allow fragmented packets to go in. See the 'keep frags' IPF
configuration directive.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 ans d'experience feront toujours la difference
--