Stumper

• Previous message (by thread): Stumper
• Next message (by thread): Stumper
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linksys has frequent releases and I had the opportunity to stumble several times into firmware versions where some special applications (e.g. X-Window session over IPSec) wouldn't work. Turned out, they were playing with the MTU. Two releases further on, it would work, then again not etc.
I would rather try to solve the problem on the server side (make sure your server sends out unfragmented smaller packets).
/Martin

<Disclaimer>This is a private statement and does not necessarily reflect the opinion of my employer...</Disclaimer>

-----Original Message-----
From: jeffrey.arnold [mailto:jba at analogue.net]
Sent: Tuesday, January 21, 2003 2:36 PM
To: Mark J. Scheller
Cc: nanog at merit.edu
Subject: Re: Stumper



On Tue, 21 Jan 2003, Mark J. Scheller wrote:

:: Here's the particulars:
:: 
:: Users that have Verizon DSL and a Linksys cable/DSL router have
:: difficulties accessing sites on my network -- whether they are trying
:: with http, https, smtp, pop3, ssh, ftp, etc., etc.  Oh, but pings
:: seem to be fine.  Low latency, no loss.  This is true even for access
:: to a server brought up in the DMZ, to keep the firewalls out of the
:: equation.
:: 

Have the user update their linksys firmware. I see this problem all the 
time. Linksys soho gateways are notorious for their early firmware not 
sending fragments with proper headers. Any acl that does not allow *all 
frags* by default will deny their packets. There may be other issues as 
well, but the firmware update tends to fix all of the problems. 

-jba


__
 [jba at analogue.net] :: analogue.networks.nyc :: http://analogue.net

• Previous message (by thread): Stumper
• Next message (by thread): Stumper
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]