Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Stumper

  • From: Deepak Jain
  • Date: Tue Jan 21 17:47:59 2003


Definitely sounds like an MTU problem. I have seen IPSEC break across
Verizon DSL with a Linksys router until the MTU on the ?PCs?" where dropped
to just under 1500 bytes to allow for the IPSEC header.

DJ

> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Mark J. Scheller
> Sent: Tuesday, January 21, 2003 5:26 PM
> To: nanog@merit.edu
> Subject: Stumper
>
>
>
>
> I have run into a problem that has me completely stumped, so I'm
> tossing it
> out to NANOG for some help.
>
> Before I lay out the specifics, I'm not trying to point fingers at any
> particular ISP or vendor here, but this problem only exhibits
> itself in very
> specific configurations.  Unfortunately, the configuration is
> common enough as
> to get unwanted attention from the higher-ups.
>
> Here's the particulars:
>
> Users that have Verizon DSL and a Linksys cable/DSL router have
> difficulties
> accessing sites on my network -- whether they are trying with http, https,
> smtp, pop3, ssh, ftp, etc., etc.  Oh, but pings seem to be fine.
> Low latency,
> no loss.  This is true even for access to a server brought up in
> the DMZ, to
> keep the firewalls out of the equation.
>
> Doing some packet sniffing on the ethernet side of my router, I could see
> specific http requests never showed up (and the user saw the broken image
> icon).  This was for an mrtg graph page with +/- 30 images.  I
> saw the request
> for almost all the image files, save for one and the user
> reported the broken
> image icon for the one.  So this looks and smells like a packet loss
> issue..... but who/where/how?
>
> Taking the Linksys out of the pictures (connecting their PC
> directly to the
> Verizon DSL modem) makes the problem go away.
>
> These same users report no trouble whatsoever accessing many other common
> sites across the internet.
>
> Here's another interesting data point:  when one user runs Morpheus (on
> any machine in his home network) he then has absolutely no
> problems accessing
> servers/services on my network.
>
> Other users with Linksys routers and, say cable modem, do not have this
> problem!
>
> So I'm looking for some pointers.  What could I have done to my
> edge router (a
> Cisco 3640 if that helps any) that would make it drop packets
> from Verizon DSL
> customers with Linksys routers so long as they aren't running Morpheus?
>
> Mark J. Scheller (scheller@u1.net)
>
>
>
>



  • References:


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.