[I apologize for sending so many messages on this topic, this probably belongs on a different mailing list] > 1. the packet too big ICMP message should be coming from your tunnel box I talked this over with a friend who knows more about networking, and he pointed out that I had this point backwards. What I said is only true if you're uploading. When you're getting the web page (downloading), the ICMP fragmentation needed message (from the DSL provider's termination router) gets sent to the 6to4 tunnel endpoint (the publicly run end), which probably just throws it away. So the webserver never gets a notice that its packets are being dropped. That said, the various MSS fixes (point #2 and the origional poster's iptables command) avoid the problem for TCP. _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
