With iptables, i have add the tcpmss target and add a rule as indicate in kernel doc
"iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu"
and it work perfectly now. I can change mtu and mru (still don't know what is mru) without problem.
thx
seb
bert hubert wrote:
On Fri, Sep 21, 2001 at 11:43:10AM +0200, sebastien Robart wrote:
i use pppoe and nat too. I have problems with 2 sites (63.238.77.237 and 195.101.41.250) only when i change the mru option (rp-pppoe), not the mtu. And problem are only for box behind the gateway, directly from the gateway i have no problem.
seem a masq + mru bug. (don't ask me what is mru, i didn't have found something on it)
When using pppoe with masquerading, or any networking at all, use MSS Clamping, either in the pppoe-daemon or in iptables itself. This solves a lot or problems with path MTU discovery.
Regards,
bert
