| View previous topic :: View next topic |
| Author |
Message |
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
 Posted: Mon Oct 26, 2009 4:14 am Post subject: mtu issue |
 |
|
For about 10+ years I've been using Time Warner Road Runner. I don't know what changed but recently the default mtu 1500 is no longer stable over the Internet. Many websites time out or hang because the mtu is too high. I am using a gentoo machine as my router. A workaround is to change the mtu on the client side to 1492. I would like to fix the problem on the router instead. I've had this rule in my iptables, the counter goes up showing that its using the rule but it doesn't fix the problem:
| Code: | iptables -A FORWARD -o eth0 -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453: -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -i eth0 -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453: -j TCPMSS --clamp-mss-to-pmtu |
How can I fix this issue on the router? |
|
| Back to top |
|
 |
gringo
Advocate
Joined: 27 Apr 2003
Posts: 3793
|
| Posted: Mon Oct 26, 2009 9:11 am Post subject: |
|
|
any chance you use dhcpcd to get your ips ?
i had the same problem with the latest versions of dhcpcd : mtu was changed for some reason i still don´t know, manullay setting it solved it of course.
There is a mtu setting in the dhcpcd configuration file, either setting that or setting mtu manually with ifconfig did help here.
cheers
_________________
Error: Failing not supported by current locale |
|
| Back to top |
|
|
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Mon Oct 26, 2009 2:59 pm Post subject: |
|
|
The mtu is 1500 which is what it has always been. However, that no longer works 100% with my ISP. I guess the best way to fix this is just by changing the mtu to 1492 on my router.
I would like to know why 1500 doesn't work anymore but I don't think I'll get the answer to that question. |
|
| Back to top |
|
|
malern
Apprentice
Joined: 19 Oct 2006
Posts: 170
|
| Posted: Mon Oct 26, 2009 3:37 pm Post subject: |
|
|
Try adding
to /etc/conf/net. Replace "eth0" with whatever your internet facing interface is. |
|
| Back to top |
|
|
eagle_cz
Apprentice
Joined: 06 Jun 2003
Posts: 214
|
| Posted: Sat Oct 31, 2009 1:59 pm Post subject: |
|
|
Its loooon time, since i have been playing with this, but its PPP connections related issue.
Recomanded MTU for PPP is 1492.
Well.. you should test your connection with ping and various MTU. If your MTU is too high, you should receive some ICMP messages about "packet fragmentation". Keep lowering your MTU, until you will receive normal ICMP reply.
Size of MTU is one of ping command parameters. |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6815
Location: Blighty
|
|
| Back to top |
|
|
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Mon Nov 30, 2009 3:04 pm Post subject: |
|
|
| Thanks for the info guys. How would I set the mtu permanently if eth0 is using dhcpcd? The "mtu_eth0" doesn't seem to work with dhcpcd. |
|
| Back to top |
|
|
UberLord
Retired Dev
Joined: 18 Sep 2003
Posts: 6815
Location: Blighty
|
|
| Back to top |
|
|
plut0
Apprentice
Joined: 21 Dec 2004
Posts: 272
|
| Posted: Mon Nov 30, 2009 10:56 pm Post subject: |
|
|
I'm guessing that doesn't apply to the version I'm using?
emerge dhcpcd -vp
| Code: | These are the packages that would be merged, in order:
Calculating dependencies... done!
[ebuild R ] net-misc/dhcpcd-4.0.15 USE="-compat -zeroconf" 52 kB |
When I start dhcpcd I get this error:
dhcpcd: unknown option -- static |
|
| Back to top |
|
|
mrness
Retired Dev
Joined: 17 Feb 2004
Posts: 375
Location: bucharest.ro
|
| Posted: Thu Dec 03, 2009 6:25 am Post subject: Re: mtu issue |
|
|
| plut0 wrote: | For about 10+ years I've been using Time Warner Road Runner. I don't know what changed but recently the default mtu 1500 is no longer stable over the Internet. Many websites time out or hang because the mtu is too high. I am using a gentoo machine as my router. A workaround is to change the mtu on the client side to 1492. I would like to fix the problem on the router instead. I've had this rule in my iptables, the counter goes up showing that its using the rule but it doesn't fix the problem:
| Code: | iptables -A FORWARD -o eth0 -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453: -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -i eth0 -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1453: -j TCPMSS --clamp-mss-to-pmtu |
How can I fix this issue on the router? |
You have to do the following changes on your router:
1) Add the iptables rule | Code: | | iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu |
2) Set MTU 1492 on your router interface towards WAN
Alternatively you can reduce MSS w/o changing the interface MTU by adding iptables rule
| Code: | | iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 |
|
|
| Back to top |
|
|
|
Networking & Security
