Stumper
Martin Renschler (EWU)
Martin.Renschler at ewu.ericsson.se
Wed Jan 22 03:43:24 UTC 2003
Linksys has frequent releases and I had the opportunity to stumble several times into firmware versions where some special applications (e.g. X-Window session over IPSec) wouldn't work. Turned out, they were playing with the MTU. Two releases further on, it would work, then again not etc.
I would rather try to solve the problem on the server side (make sure your server sends out unfragmented smaller packets).
/Martin
<Disclaimer>This is a private statement and does not necessarily reflect the opinion of my employer...</Disclaimer>
-----Original Message-----
From: jeffrey.arnold [mailto:jba at analogue.net]
Sent: Tuesday, January 21, 2003 2:36 PM
To: Mark J. Scheller
Cc: nanog at merit.edu
Subject: Re: Stumper
On Tue, 21 Jan 2003, Mark J. Scheller wrote:
:: Here's the particulars:
::
:: Users that have Verizon DSL and a Linksys cable/DSL router have
:: difficulties accessing sites on my network -- whether they are trying
:: with http, https, smtp, pop3, ssh, ftp, etc., etc. Oh, but pings
:: seem to be fine. Low latency, no loss. This is true even for access
:: to a server brought up in the DMZ, to keep the firewalls out of the
:: equation.
::
Have the user update their linksys firmware. I see this problem all the
time. Linksys soho gateways are notorious for their early firmware not
sending fragments with proper headers. Any acl that does not allow *all
frags* by default will deny their packets. There may be other issues as
well, but the firmware update tends to fix all of the problems.
-jba
__
[jba at analogue.net] :: analogue.networks.nyc :: http://analogue.net
More information about the NANOG
mailing list