1 |
On Monday 02 Sep 2013 19:34:25 Grant wrote: |
2 |
|
3 |
> Here's my layout: |
4 |
> |
5 |
> laptop+shorewall (MTU:1500) -> hotel router (MTU:?) -> internet -> |
6 |
> Westell modem/router (MTU:1492) -> desktop+shorewall (MTU:1500) |
7 |
> |
8 |
> Shouldn't PMTUD change the desktop's MTU to 1492? |
9 |
|
10 |
Your desktop's PMTUD will get an ICMP response from Westell as it tries to |
11 |
traverse through it and it will adjust the outgoing packet size accordingly. |
12 |
|
13 |
Ditto with your laptop, when it tries to establish a connection with your |
14 |
desktop. |
15 |
|
16 |
|
17 |
> Is the fact that it |
18 |
> doesn't due to a flaw in the Westell's operation? Should I manually |
19 |
> change the desktop's MTU to 1492 along with that of other systems on |
20 |
> its LAN? |
21 |
|
22 |
It won't harm if you do. However, we don't know for a *fact* that the Westell |
23 |
is not returning the appropriate ICMP packets (Type 3, Code 4) to your laptop, |
24 |
or your desktop. |
25 |
|
26 |
You can use tcpdump to see what's being sent back and forth. |
27 |
|
28 |
|
29 |
> > If you are using Shorewall at your remote server I would expect it to |
30 |
> > behave properly and return the correct ICMP packet when it receives a |
31 |
> > DF. However, I am not familiar with the Shorewall properties and |
32 |
> > settings, so if you suspect this as the cause of your problem it would |
33 |
> > be better if you look into it properly. |
34 |
> |
35 |
> So I'm sure I understand, this doesn't apply if ICMP is dropped at the |
36 |
> Westell? |
37 |
|
38 |
ICMP echo request may be dropped by Westell's firewall, but ICMP Type 3, Code |
39 |
4 could well be returned when a TCP connection is being initiated by your |
40 |
laptop. I don't know how ham-fisted Westell's firewall settings are. |
41 |
|
42 |
Meanwhile, stating the obvious, have you tried using the desktop squid proxy |
43 |
while you are inside your LAN with the same laptop to see if the problem |
44 |
remains? |
45 |
|
46 |
-- |
47 |
Regards, |
48 |
Mick |