1. NAT and ISP problem: lowering mtu and disabling ECN did not solve
Good morning, I'm Giacomo Strangolino from Italy.
I posted some days ago a problema about NAT and Internet Service Provider
problems:
I finished developing an ipv4 forewall with NAT/MASQUERADING and have been
testing it
for some time with success connecting from home to my ISP named "libero".
Then i changed ISP to another one, called "telecom" and with great surprise
i discovered that
images from sites and also sites failed to load.
So now, when i call an ISP all works fine, when i call the other, things go
wrong.
I NAT machines behind my firewall changing only ips and ports, and
recalculating checksum (ip and tcp/udp)
to adjust such changes.
I do not touch any other field as window size or seq number or ack, since
the only things i manipulate are
addresses and ports.
I was wondering what i could do to solve, since iptables and ipfw+natd on
freeBSD or winXP sp2 work fine
with this ISP...
Tweaking with ethereal i found that probably sometimes a tcp segment gets
lost.
* Thanks to news help, i tried to lower MTU and to disable ECN, but the
problem persists. *
My firewall is a 2.6.12 kernel module which registers with netfilter hooks.
A userspace program sends rules to
kernel via netlink.
I thank anyone who could help me find the way to fix the problem or
understand what could be wrong with an
ISP network and anyway work fine with the other.
Thanks a lot
Giacomo S. Udine, Italy
2. binutils
3. TCP delays when switching to lower MTU/MSS on Solaris 2.5.1
4. How to read the IP address
5. Lower MTU LIMIT? (RH4.0) was FTP hanging.
6. lilo on w95
7. what is impact of high xcal value in mpstat
8. Newbie Install
9. TCPIP: How to lower the timeout value for waiting for a DNS?
10. Cron lowering nice value of jobs run
11. lower nice value sans asroot
12. How to get MTU value?
13. How to modify MTU value under DIP slip mode ?
by