On Sat, 2 Sep 2000, Matti Aarnio wrote: > On Sat, Sep 02, 2000 at 04:12:04PM +0200, Elmer Joandi wrote: > .... > > There is another big problem like that... > > tunnels actually do not work on todays real internet... > > MTU 1500 is so much a standard that it starts killing tunnels. > > MTU < 1500 is not a working solution today thanks to (mostly > > linux based ? ) broken firewalls > > It is due to knee-jerk ICMP blocking settings at firewalls/routers. [snip] Yes, this is indeed the primary cause. All of the Linux howtos for firewalling appear to warn against this. Most of the time I've see this happen it's been ACLs on a Cisco router. Checkpoint makes it harder to make this mistake by having normally invisable 'ALLOW' rules for such traffic (and DNS too). - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo _at_ vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
References:
- Re: www.crucial.com won't talk to 2.4.0-test7 systemMatti Aarnio <matti.aarnio _at_ zmailer.org>
- Prev by Date: Re: www.crucial.com won't talk to 2.4.0-test7 system
- Next by Date: Re: [PATCH] 2.2: /proc/config.gz
- Prev by thread: Re: www.crucial.com won't talk to 2.4.0-test7 system
- Next by thread: Re: www.crucial.com won't talk to 2.4.0-test7 system
- Indexes:[Main][Thread]