RE: [users@httpd] No response recieved from Apache at some external locations, but not others

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just wanted to confirm this was pretty much it; it wasn't actually my
fault, it was Windows Server 2003 defaulting to MTU of 1500.  And I
connect via PPPoA, not PPPoE.  But nevertheless, a call to my ISP
revealed that they like an MTU of 1458, so I set that on the router and
as the MTU for the network card in windows - and now everything works.

Thanks very much for taking the time to explain this, I would
undoubtedly have ended up buying a new router otherwise as there's no
way I'd have worked it out myself and my ISP were useless when I tried
to get some advice from them before your reply.  Much appreciated.

-----Original Message-----
From: Jeff McAdams [mailto:jeffm@xxxxxxxxx] 
Sent: 19 October 2006 13:31
To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] No response recieved from Apache at some
external locations, but not others

Robert Elliot wrote:
> OK, try http://www.lidalia.org.uk <http://www.lidalia.org.uk>  -
should show the Apache splash page.

Unless I'm mistaken, this site is hosted on a DSL connection that uses
PPPoE?

What I think is happening is that data is getting sent from one side or
the other assuming a fairly standard MTU of 1500 on the network
connections.  Your DSL connection (assuming I'm right above) can only
handle packet sizes of 1492 (because of PPPoE overhead).  Additionally,
one side or the other is unable to figure out that the packets aren't
getting through.

This would line up with firewalls being involved.  If a firewall
is...we'll say "shortsightedly"...block all ICMP messages, then the ICMP
"Host Unreachable, Fragmentation Needed, but DF (Don't Fragment) bit was
set" message won't get through, meaning that the host won't know that it
needs to limit itself to sending smaller packets for that connection.

This whole overall process is called PMTUD, or Path MTU Discovery, and
firewalls blocking all ICMP prevent it from working correctly.

Some systems have the ability to deal with this...I think Linux calls it
PMTU Blackhole Discovery.

Another possible solution would be to set the MTU on your interface down
smaller (in Linux, "ifconfig <ifname> mtu 1400" should do it).

FWIW, I was unable to hit the page...I set my MTU in that manner, and I
was then able to pull up the page.
--
Jeff McAdams
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
                                       -- Benjamin Franklin


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux