North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
RE: Stumper
- From: Martin Renschler (EWU)
- Date: Tue Jan 21 22:45:50 2003
Linksys has frequent releases and I had the opportunity to stumble several times into firmware versions where some special applications (e.g. X-Window session over IPSec) wouldn't work. Turned out, they were playing with the MTU. Two releases further on, it would work, then again not etc.
I would rather try to solve the problem on the server side (make sure your server sends out unfragmented smaller packets).
/Martin
<Disclaimer>This is a private statement and does not necessarily reflect the opinion of my employer...</Disclaimer>
-----Original Message-----
From: jeffrey.arnold [mailto:jba@analogue.net]
Sent: Tuesday, January 21, 2003 2:36 PM
To: Mark J. Scheller
Cc: nanog@merit.edu
Subject: Re: Stumper
On Tue, 21 Jan 2003, Mark J. Scheller wrote:
:: Here's the particulars:
::
:: Users that have Verizon DSL and a Linksys cable/DSL router have
:: difficulties accessing sites on my network -- whether they are trying
:: with http, https, smtp, pop3, ssh, ftp, etc., etc. Oh, but pings
:: seem to be fine. Low latency, no loss. This is true even for access
:: to a server brought up in the DMZ, to keep the firewalls out of the
:: equation.
::
Have the user update their linksys firmware. I see this problem all the
time. Linksys soho gateways are notorious for their early firmware not
sending fragments with proper headers. Any acl that does not allow *all
frags* by default will deny their packets. There may be other issues as
well, but the firmware update tends to fix all of the problems.
-jba
__
[jba@analogue.net] :: analogue.networks.nyc :: http://analogue.net
|
