[Soekris] changing mtu size on openbsd problems
didier.wiroth at mcesr.etat.lu
Mon Oct 10 16:56:14 UTC 2005
Hi, thanks for helping.
I've set the mtu on the physical nic where the dsl modem is connected but anyway ... I also tried to set it on the pppoe0 interface, both didn't work ...may be I misunderstood the man see:
Anyway, "omitting" the mtu size or "setting" it via ifconfig (on sis2 or even pppoe0) does break some sites. I need to set the mtu size via pf (scrub ..) like mentionned in the manual or I'm not able to browse some sites.
----- Message d'origine -----
De: Chris Cappuccio <chris at nmedia.net>
Date: Lundi, Octobre 10, 2005 6:18 pm
Objet: Re: [Soekris] changing mtu size on openbsd problems
> peter [peter at deeptrauma.net] wrote:
> > Chris Cappuccio wrote:
> > >Why would you set the MTU on your physical ethernet interface
> below 1500?
> > >
> > >That makes no sense at all.
> > >
> > >
> > Wrong.
> You mis-read me.
> I did not say 'changing the MTU on the pppoe interface'
> I said 'changing the MTU on the physical ethernet interface'
> > Setting the MTU below 1500 is the correct solution for this problem,
> > 1436 is a good value which will allow for 1436 of data with a 64
> byte> PPPoE header to equal a total of 1500 bytes of data.
> Exactly, you want the PHYSICAL ETHERNET INTERFACE to be able to
> pass 1500
> byte packets, not 1440 or 1436 or some other value.
> > Increasing the MTU to be above 1500 would just make this problem
> much> worse as you'd end up with a packet with more data and less
> room on the
> > wire for headers. Even if your able to increase the MTU of your
> ethernet> chipset are you sure that the switch or router is able to
> handle packets
> > which are of the same size.
> If you could increase the MTU past 1500 bytes, and if your DSL
> modem and
> provider supported it, you could pass full 1500 byte packets
> through the
> pppoe interface.
> And yes, the maximum frame size is different than the MTU, by a fixed
> number of bytes for ethernet headers, etc. That's irrelevant to the
> "Attacks always get better; they never get worse."
> -- "Old NSA saying"
More information about the Soekris-tech