Subject: Re: can't raise in kernel pppoe0 with mtu > 1460
To: None <tech-net@netbsd.org, port-i386@netbsd.org>
From: Alicia da Conceicao <alicia@engine.ca>
List: port-i386
Date: 03/22/2005 12:09:51
Thanks again to those that previously responded with your many suggestions.
I have tried all of them including:

===========================================================================
sysctl -w net.inet.tcp.mss_ifmtu=1
sysctl -w net.inet.tcp.rfc1323=0
===========================================================================
and putting those settings into my sysctl.conf,

adding these lines to my ipf.conf:

===========================================================================
pass in quick proto icmp from any to any icmp-type 3 code 4
pass out quick proto icmp from any to any icmp-type 3 code 4
pass out quick proto tcp  from any to any flags S keep state
===========================================================================

lowering my mssclamp in ipnat.conf to 1408=MTU-52=1460-52:

===========================================================================
map pppoe0 192.168.1.0/24 -> 123.123.123.123/32 portmap tcp/udp 20000:40000 mssclamp 1408
map pppoe0 192.168.1.0/24 -> 123.123.123.123/32 mssclamp 1408
===========================================================================

But still no luck.  My Windows machines are still unable to use Windows
Update or access Yahoo Web Mail, even though they can access the rest of
the Yahoo & Microsoft websites, and even manually download large files from
Microsoft.  And even though Windows Update does not work with Internet
Explorer, the WinXP machines can download updates through the NetBSD NAT
using the automated update feature in the control panel.  But automated
updates do not exist for Win98.  On WinXP when I attempt to use Windows
Update via Internet Explorer, the following error message appears:

===========================================================================
[Error number: 0x80072EE2] 
Windows Update has encountered an error and cannot display the requested page.
===========================================================================

If anyone has any other suggestions, such as a diagnostic tool to see
what is still being blocked or a way to change settings on Win98/WinXP
so that they can deal with the more restrictive firewall, please let me
know.

Thanks again, and thanks in advance.

Sincerely,
Ms. Alicia da Conceicao.