<div dir="ltr">have you played with the mtu ?<div><br><div>Often times the dhcp server on the home router giveth the mtu of 1500. </div><div>It is perfectly OK if you either:</div><div><ul><li>don't use VPN from router to ISP</li>
<li>use encryption (when wifi frame < IP frame sent from the router to the ISP)</li></ul></div><div>Otherwise, you get 1 packet of the internal network is wraped into more than 1 packets to the outside world.</div><div>
This (IIRC) is IPv4 problem (fragmentation), and some routers don't do this well.</div><div><br></div><div>To resolve it you can make sure that 1 wifi packet = 1 outgoing packet of your router to the ISP, by reducing the MTU on the clients, or by using no VPN connection.</div>
<div><br></div><div>I remember MTU<=1452 used to be the magic number back in the DSL PPTP days.</div><div><br></div><div>I bet you could somehow sniff the packets, to verify, but I don't know how to sniff the VPN packets if the router is the one who dials. But still, I hope this is a useful hint ;-)</div>
<div><br></div><div><br><br><div class="gmail_quote">On Sat, Oct 16, 2010 at 7:59 PM, Ohad Lutzky <span dir="ltr"><<a href="mailto:ohad@lutzky.net">ohad@lutzky.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div dir="ltr">traceroute is ICMP. I'm having trouble with specific ports on TCP.<br><br><div class="gmail_quote">On Sat, Oct 16, 2010 at 7:53 PM, Dave Roi <span dir="ltr"><<a href="mailto:davidroi@gmail.com" target="_blank">davidroi@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Did you try running traceroute to the pgp server or android market server?<div>See how many hops it does go and see in which one it gets stuck.</div>
<div><br><br><div class="gmail_quote"><div><div></div><div class="h5"><div><div></div><div>On Sat, Oct 16, 2010 at 19:36, Ohad Lutzky <span dir="ltr"><<a href="mailto:ohad@lutzky.net" target="_blank">ohad@lutzky.net</a>></span> wrote:<br>
</div></div></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div></div><div class="h5"><div><div></div><div><div dir="ltr">Hello everyone,<div><br></div>
<div>I have a Linksys DSL-2760u router/DSL modem, using a Wow (Bezeq) connection to the Bezeq International ISP. It seems that various outgoing ports are blocked - HTTP, HTTPS, bittorrent and SSH work well enough, but - for example - I can't download Android apps from the Market. Easier to test, I can't download PGP public keys. For example:</div>
<div><br></div><div><div>gpg -v -v --keyserver <a href="http://subkeys.pgp.net" target="_blank">subkeys.pgp.net</a> --recv F120156012B83718</div><div>gpg: requesting key 12B83718 from hkp server <a href="http://subkeys.pgp.net" target="_blank">subkeys.pgp.net</a></div>
<div><br></div>This hangs indefinitely. So does this:</div><div><div>telnet <a href="http://subkeys.pgp.net" target="_blank">subkeys.pgp.net</a> 11371</div><div>Trying 195.113.19.83...</div><div><br></div><div>The same occurs for other keyservers, git-protocol, and various other "unconventional" high-port usage. I've gone over the router settings, disabled its firewall (but not NAT, which I need), added my machine to the DMZ (this actually seems to help, sometimes, for git - and even then, only once), tried port triggering... I can't get a consistent result.</div>
<div><br></div><div>I should note that this issue only exists for *outgoing* ports. I have no problem mapping *incoming* ports (such as my openssh server or bittorrent web interface).</div><div><br></div>-- <br>Man is the only animal that laughs and weeps, for he is the only animal that is struck with the difference between what things are and what they ought to be.<br>
- William Hazlitt<br><br>Ohad Lutzky<br>
</div></div>
<br></div></div></div></div>_______________________________________________<br>
Haifux mailing list<br>
<a href="mailto:Haifux@haifux.org" target="_blank">Haifux@haifux.org</a><br>
<a href="http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux" target="_blank">http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux</a><br>
<br></blockquote></div><br></div></div>
</blockquote></div><div class="im"><br><br clear="all"><br>-- <br>Man is the only animal that laughs and weeps, for he is the only animal that is struck with the difference between what things are and what they ought to be.<br>
- William Hazlitt<br>
<br>Ohad Lutzky<br>
</div></div>
<br>_______________________________________________<br>
Haifux mailing list<br>
<a href="mailto:Haifux@haifux.org">Haifux@haifux.org</a><br>
<a href="http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux" target="_blank">http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Maxim Kovgan<br>
</div></div></div>