On Mon, Aug 01, 2005 at 05:40:27PM -0700, john allspaw wrote: > on the squids themselves, since it's production and I'm not 100% that it won't interrupt service. > will it ??? is there anything else that folks might suggest to confirm that it is the pmtu problem ? TCP MSS clamping should reveal whether there's a PMTU-d issue. It looks like you're using linux - see the iptables manual. > our squids sit behind a LB, with URL hash as it's balancing algorithm. > thanks in advance, You should find out whether your LB can do MSS clamping too. It might be necessary if it spoofs the 3-way-handshake without honoring target server TCP parameters. -- Joshua Goodall "as modern as tomorrow afternoon" joshua@xxxxxxxxxxxxxx - FW109
