> Speaking from personal experience: the DSL providers usually expect you to
> run PPPoE on your Wintel box. As such, the TCP MSS on all connections will
> be correctly determined to be 1490 (or 1492, depends on your variant of
> DSL apparently). I've seen Wintel boxes behind a DSL firewall not work
> with exactly the same symptoms.

I believe the 1490 MTU is used when (MPPE) encryption has been 
negotiated.  MPPE encrypts each packet to the same size as the 
unencrypted packet, but also encrypts the protocol id, increasing the 
payload by two bytes.  An MTU of 1490 ensures that this doesn't end 
up pushing the ethernet payload over the 1500 limit.

-- 
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/        <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !      <brian@[uk.]OpenBSD.org>