on 06/09/2010 12:03 AM Tvrtko Ursulin wrote the following: > > Hi all, > > Not really sure it is appropriate for this mailing list but I have a hunch it > could be netfilter related, or at least people who could know something about > it are likely to visit this place. :) > > I have a small home network behind a cheap ADSL router and a bizarre problem > where I am not getting responses from some web sites in some situations. I > suspect it is when a POST needs to go over the connection because it is always > when I need to log in somewhere over HTTPS. Also it happens when a number of > unrelated sites. > > This only happens from Linux! Just today I tried four different distributions > on two different machines and it is a total pattern. From Windows it all works > fine. Also I tried three or four browsers on Linux and all behave exactly the > same. > > I had a look at the iptables setup on the router (see below) and it looks > reasonable (at least short) to me, but it have been some years since I last > used it so my knowledge is a bit thin here. > > Or could it be that something has changed in recent kernels which could make > the router unhappy and lose packets? > > Anything more I could try to diagnose this? Any hints are appreciated! > > Regards, > > Tvrtko This usually happens when the firewall(s) does not allow path MTU discovery because it is configured to filter/drop ICMP. Take a look here: http://www.znep.com/~marcs/mtu/ http://www.netheaven.com/pmtu.html Try setting the MTU to a small value like: ifconfig eth0 mtu 1000 and if that solves the problem, then fix your firewall(s) -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
