[Shorewall-users] Shorewall, rp-pppoe & big transfers

Dominique Archambault apox at yahoo.com
Mon Dec 15 01:33:58 PST 2003

st1\:*{behavior:url(#default#ieooui) }
First, thanks for replying! :)


>1) On the machinerunning shorewall what does "ifconfig" show? Please paste that here.



eth0     Link encap:Ethernet  HWaddr 00:50:BA:58:CE:71

         inet addr:  Bcast:  Mask:


         RX packets:4325591 errors:0 dropped:0 overruns:0 frame:0

         TX packets:4977889 errors:0 dropped:0 overruns:0 carrier:0

         collisions:0 txqueuelen:100

         RX bytes:1089964827 (1.0 GiB)  TX bytes:801724905 (764.5 MiB)

         Interrupt:5 Base address:0x8000


eth1     Link encap:Ethernet  HWaddr 00:E0:29:40:AC:CD

         inet addr:  Bcast:  Mask:


         RX packets:5573940 errors:0 dropped:0 overruns:0 frame:0

         TX packets:4473516 errors:0 dropped:0 overruns:0 carrier:0

         collisions:505 txqueuelen:100

         RX bytes:998313445 (952.0 MiB)  TX bytes:1085247657 (1.0 GiB)

         Interrupt:10 Base address:0xc400


lo       Link encap:Local Loopback

         inet addr:  Mask:

         UP LOOPBACK RUNNING  MTU:16436  Metric:1

         RX packets:371 errors:0 dropped:0 overruns:0 frame:0

         TX packets:371 errors:0 dropped:0 overruns:0 carrier:0

         collisions:0 txqueuelen:0

         RX bytes:40932 (39.9 KiB)  TX bytes:40932 (39.9 KiB)


ppp0     Link encap:Point-to-Point Protocol

         inet addr:  P-t-P:  Mask:


         RX packets:536286 errors:0 dropped:0 overruns:0 frame:0

         TX packets:433616 errors:0 dropped:0 overruns:0 carrier:0

         collisions:0 txqueuelen:3

         RX bytes:465578166 (444.0 MiB)  TX bytes:134154952 (127.9 MiB)



>2) On the shorewallmachine what happens if you ping this ip with the following "ping"options set?


>banks at deadmeat etc $ping -M do -s 1492


I have to set the packetsize at 1464 or lower, same for Windows, to ping the host.


>When you getdisconnected what do you need to do to get reconnected again. Reboot the cablemodem?


To reestablish connection, Ihave to either wait until pppd restarts the connection automatically, or restartit manually. No DSLmodem power cycling or anything needs to be done...


>There should be at aminimum some logs from shorewall showing something going on just before you

>get disconnected. If notthen I would packet sniff with either Tcp dump or ethereal on an internal

>machine (when doing along file transfer) and on the external facing nic card on Shorewall to get

>a better >idea ofwhats happening. 


I will over the next 2-3days do some packet sniffing, and I#8217;ll try to get someinteresting/relevant



>I suspect that mtu is anissue. But to blame Shorewall you will need to provide some evidence

>please. Every problemhas a work around and with linux you >should be able to work around just

>aboutany problem.


>I think you have aninternal machine negotiating with an exteranl machine to send packets with the

>biggest mtu forefficiencey when doing the transfer and somehow they both don't realize thatthey

>have a ppoe link thatsits between them with an mtu that is lower than the standard 1500 byte mtu

>for ethernet.


I#8217;m not trying toblame Shorewall per say, just trying to figure out what#8217;s going on. Up tonow, everything points to Shorewall, but it#8217;s mainly circumstantialevidence :) The Max MTU set on my PPPoE connection (in PPPoE config) is 1412,just in case. I tried with various numbers between 1412 and 1492, but to noavail.

Post your free ad now! Yahoo! Canada Personals

More information about the Shorewall-users mailing list