Re: [2.1.47] Bug in Path MTU or PPP(?)

B. James Phillippe (bryan@Terran.ORG)
Fri, 1 Aug 1997 00:57:04 -0700 (PDT)

On Fri, 1 Aug 1997, Alan Cox wrote:

> > can get to most sites without problem). I can access them from my system
> > normally, and if I bump the MRU up to 1500, then it will work for them,
> > too. Here is a sample of a failed tcpdump session under an MRU of 768:
> Looks like the system you are dialing into has an MTU discovery problem or
> someone firewalled ICMP packets on it. Note btw that the 1500 MRU is notionally
> the lowest allowable in PPP, although most kit correctly and usefully allows
> and negotiates lower values.

Okay, that's possible. The system I'm dialing into is a 486 running
Linux-2.0.29, that I configured/installed. It IS firewalling, but the
rules are as follows:

[root@ts1 /root]# ipfwadm -Ile
IP firewall input rules, default policy: reject
pkts bytes type prot opt tosa tosx ifname ifaddress source
destination ports
1278 118K acc icmp ---o 0xFF 0x00 any any anywhere
anywhere 8
3117K 657M acc tcp -k-- 0xFF 0x00 any any anywhere
anywhere any -> any
6395 734K acc icmp ---- 0xFF 0x00 any any anywhere
anywhere any
4723 213K acc all ---- 0xFF 0x00 lo any anywhere
anywhere n/a
238K 24M acc all b--- 0xFF 0x00 any any anywhere
dialup-1/28 n/a
72 3168 acc tcp ---- 0xFF 0x00 any any anywhere any -> 22
360 63759 acc udp ---- 0xFF 0x00 any any anywhere domain -> any
[root@ts1 /root]#

It's an otherwise stock RedHat 4.1 system using dip for dialin. Does this
help any? I can run more tests, if it's worthwhile.

Thanks Alan,

B. James Phillippe                              Seattle Software Labs, Inc
Network Administrator                           Phone: (206) 521-8346
NIC Handle: BJP4                                Fax: (206) 521-8340