> then the problem is somewhere else. You said you have MTU problems? If > you are aDSL connected that is a more or less common problem. If unsure > about the correct MTU size please ask your ISP. And running a NAT > gateway it makes it necessary to lower the MSS. iptables has commands > for that: keyword is "mss clamping": > > http://iptables-tutorial.frozentux.net/chunkyhtml/x4700.html > > On the other hand you can alternatively instruct the rp-pppoe to do > that. > > CLAMPMSS=1452 > > in ifcfg-ppp0 will cause rp-pppoe to set the MSS to 1452. This is 40 > bytes less than the MTU (max. PPPoE MTU size is 1492 - some ISPs run a > setup which requires a smaller value of MTU and MSS). If the other side > (target websites i.e.) have a nasty setup which prevents full PMTU > detection, then a wrong setup on your side can cause what you face. Many > pages are accessible, others not. Hope that helps a bit. > > Alexander > > > -- > Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 > legal statement: http://www.uni-x.org/legal.html > Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp > Serendipity 14:33:00 up 19:43, 18 users, 0.04, 0.73, 1.46 Hi Alexander, Wonderful, you have solved my problem! IT was mss clamping which rescued me. I tried iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o ppp0 -j TCPMSS --set-mss 1460 as recommended by your reference, and both machines stopped working. [I have a funny tunnel-in-a-tunnel via aol] Lower the mss to 1400 and both work - I can access linuxtoday - and more importantly a certain airline booking site. Thanks for taking the time with me; its is really good of you. Bill
