>>>>> "rm" == Roy Marples <roy%marples.name@localhost> writes:
rm> I needed to clamp max-mss in pppoe0 to 1432. It used to be
rm> 1452, which I recall was needed for my wireless
rm> clients. Probably the extra overhead of IPv6.
The PPPoE MTU problem should not exist on IPv6, and at my site where I
have <1500 links to the internet I didn't have to change mss-scrubbing
smaller for IPv6. It's possible you are creating the PPPoE problem
yourself somewhere by blocking ICMPv6 'too-big' packages.
You should never find you need the mss scrubbing to reach the Internet
period---if you do, you must be blocking too much ICMP on your end.
The symptom of needing smaller mss scrubbing is that a few of other
people's misconfigured sites on the Internet don't work, just a few
not all. I wish you would have a look to your ICMP rules to avoid
publishing bad examples which will infect other sites and spread the
PPPoE problem.
The way it's documented/supposed to work, you must either pass too-big
/ frag-needed ICMP, *or* use 'keep state' TCP rules which pass that
ICMP implicitly. The way it actually works, I'm not so sure.
Attachment:
pgpm4jzdjYlVI.pgp
Description: PGP signature