In article <BAY123-W8B9166ED4EEF7F7585176CFC60@xxxxxxx> you wrote: > packets> 1300 were dropped. Opening up the firewall to pass the > ICMP packets back to the server resulted in no difference in behavior > and the transactions still failed. Besides filtering the ICMP Packets another problem are firewalls where the internal interface is on some kind of unknown (internal) transfert net. Have you dumped the ICMP PAckages and verified that they are generated with the right source ip and is actually received in the server? > Is this a real problem with the Linux network stack or am I just doing something wrong? I am not aware of problems here, but thats just me. What are the kernel versions (and distribution patches) we are talking about? On Internet Servers which need to be rechable by a lot of customers, some tricks are done to avoid problems with those ip options. For example they typically start with a smaller Interface MTU (in your case where your router is limiting it to 1300 it makes no sense to start with larger segments anyway). Some may even turn off the PMTUD but that can result it really bad performance when streaming large data sets. You should make some tcpdumps so we can see whats going on. Gruss Bernd -- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
