Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Stumper

  • From: Deepak Jain
  • Date: Tue Jan 21 17:47:59 2003

Definitely sounds like an MTU problem. I have seen IPSEC break across
Verizon DSL with a Linksys router until the MTU on the ?PCs?" where dropped
to just under 1500 bytes to allow for the IPSEC header.


> -----Original Message-----
> From: []On Behalf Of
> Mark J. Scheller
> Sent: Tuesday, January 21, 2003 5:26 PM
> To:
> Subject: Stumper
> I have run into a problem that has me completely stumped, so I'm
> tossing it
> out to NANOG for some help.
> Before I lay out the specifics, I'm not trying to point fingers at any
> particular ISP or vendor here, but this problem only exhibits
> itself in very
> specific configurations.  Unfortunately, the configuration is
> common enough as
> to get unwanted attention from the higher-ups.
> Here's the particulars:
> Users that have Verizon DSL and a Linksys cable/DSL router have
> difficulties
> accessing sites on my network -- whether they are trying with http, https,
> smtp, pop3, ssh, ftp, etc., etc.  Oh, but pings seem to be fine.
> Low latency,
> no loss.  This is true even for access to a server brought up in
> the DMZ, to
> keep the firewalls out of the equation.
> Doing some packet sniffing on the ethernet side of my router, I could see
> specific http requests never showed up (and the user saw the broken image
> icon).  This was for an mrtg graph page with +/- 30 images.  I
> saw the request
> for almost all the image files, save for one and the user
> reported the broken
> image icon for the one.  So this looks and smells like a packet loss
> issue..... but who/where/how?
> Taking the Linksys out of the pictures (connecting their PC
> directly to the
> Verizon DSL modem) makes the problem go away.
> These same users report no trouble whatsoever accessing many other common
> sites across the internet.
> Here's another interesting data point:  when one user runs Morpheus (on
> any machine in his home network) he then has absolutely no
> problems accessing
> servers/services on my network.
> Other users with Linksys routers and, say cable modem, do not have this
> problem!
> So I'm looking for some pointers.  What could I have done to my
> edge router (a
> Cisco 3640 if that helps any) that would make it drop packets
> from Verizon DSL
> customers with Linksys routers so long as they aren't running Morpheus?
> Mark J. Scheller (

  • References:

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.