Jukka Marin <jmarin@pyy.jmp.fi> writes:

 > What does the "ip reassembly time exceeded" message mean - is this
 > timeout occurring at the remote end?

Your IP stack builds an ip packet of, say, 1500 byte, containing a tcp
packet inside, and transfers it through the appropriate interface.
Fine. But somewhere between you and the receiver, there is a
networking interface that can't handle packets of that size. Thus it
has to split the packet into several parts of, say 300 byte, resulting
in "fragmented ip packets".

The problem with these packets is that the receiver needs all of them,
before he can reassemble the original ip packet. So when he received
the first ip packet, he stored it in a list and waits for the other to
appear. When all packets have arrived, the packet is re-constructed
and processed.

Obviously the receiver must consider the possibility that parts of the
original packet are lost during transfer, so he won't wait for ever.
That is the time out you're experiencing. Obviously, not all ip
fragments arrived in a specific time, so the receiver drops all
fragments and waits for your machine to re-send the tcp packet.

Reasons for this error occuring frequently are a high packet loss, a
buggy ip implementation at the receiver's site (unlikely, but hell, it
is Microsoft :->) or some problem with ip fragments somewhere between
you and the receiver. Firewalls often filter ip fragments, too,
because many ip stacks have problems with handling them and may crash
the machine.

What you can do is to set a small Max Transfer Unit (MTU) for the
networking interface that connects you to the outside world, say,
ppp0. Then your ip stack will construct smaller packets to start with
and will thus reduce the chance of them being fragmented somewhere.

	-peter