Subject: Re: can't contacted
To: Matt Doughty <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-net
Date: 02/11/2004 04:21:51
> Not sure if this is the right list, but here we go.  I am currently
> behind a linksys broadband router, and I can't access
> from any of the *bsd (netbsd 1.6ZF, and OS X) hosts behind the
> router.  I can access the site from my solaris, and windows boxes.
> [...]

I can't be sure, of course, but my guess is that your broadband
connection is PPPoE based and something between you and
(perhaps even your linksys, especially if it's also a firewall) is
dropping the ICMPs which drive path MTU discovery.  The symptoms look
very similar to what I saw when I was behind a low-MTU link.  I would
hope that the NetBSD servers aren't behind such broken "firewall"
boxes, but maybe they are, now, or maybe something closer to you is
dropping the ICMPs - or, for all I know, maybe the box on the other end
of your broadband connection is so severely broken as to be dropping
the packets but _not_ sending back the ICMPs.

Try configuring the MTU on your Ethernet to be 1400 instead of 1500.
This will normally make NetBSD send an MSS option specifying the lower
limit; the peer will normally obey this, thereby papering over the

> what doesn't work:

> traceroute to anywhere (traceroute works from the windows box, but not the
> solaris and *bsd boxes)

Did you try traceroute -I?  I think the equivalent is the default for

When you say traceroute "doesn't work", what do you mean?  It dumps
core?  It prints nothing but stars?  It gets partway and stops?  I'd
say there's a good chance that the point at which traceroute stops
seeing stuff coming back is the point responsible for the other
trouble.  I also suspect it's a firewall configured by some
over-paranoid admin who didn't really understand what certain packets
are for.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B