On Mon, 12 Apr 1999, Roger Fischer wrote:
> I have no idea what most of this means.

I have some idea, but not much ;)

> 22:59:48.611914 max > max.badger1.net: icmp: mail.badger1.net unreachable - need to frag (mtu 552) (DF)
> 22:59:48.611915 max > max.badger1.net: icmp: mail.badger1.net unreachable - need to frag (mtu 552) (DF)
> 22:59:48.611916 max > max.badger1.net: icmp: mail.badger1.net unreachable - need to frag (mtu 552) (DF)

Okay, I think these need to frag messages are the problem (I wonder why
it says "max" one place and "max.badger1.net" the other). I think the
problem is that NAT gets a packet from the machine sending the mail,
then changes the source address to be your NetBSD machine's address.
It's about to send it out, but notices that it's bigger than your PPP
link's MTU (552 bytes) and the Don't Fragment (DF) bit is set. So, it
tries to send back a "need to fragment" message back, but it's already
changed the address on the packet and ends up sending the message to
itself instead of the machine actually sending the packet.

I think a workaround for this would be to leave your PPP link's MTU at
the default 1500 (in your /etc/ppp/options or wherever it's kept, look
for the "mtu 552" line... comment it out). If this is really the
problem, I wonder why it doesn't affect just about all messages. It
seems like any message with more than ~1K in its body would have
trouble.

As for a real fix, I don't know... it seems like a bug in NAT to me, not
a mac68k-specific problem; you might try posting a summary of the
problem and the tcpdump to current-users or tech-net.
-- 
Name: Dave Huang     |   Mammal, mammal / their names are called /
INet: khym@bga.com   |   they raise a paw / the bat, the cat /
FurryMUCK: Dahan     |   dolphin and dog / koala bear and hog -- TMBG
Dahan: Hani G Y+C 23 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++