Changes

Jump to: navigation, search

Router:Linux

586 bytes added, 16:24, 23 January 2013
tcpfix / MSS clamp functionality
 
You can check connectivity with a cron job, and add a stanza to /etc/network/interfaces to connect at boot.
 
=== Extra configuration ===
 
You will find at this point that most web sites work, but some few don't - they just freeze on loading or during initial SSL negotiation. This is because they are blocking ICMP, which is ''stupid'' - in part because they are then unable to indicate or respond to the need to fragment large packets. You can get round it by limiting the maximum packet size for TCP: set TCPfix on your clueless control panel, or on the router:
 
<pre>
iptables -t mangle -F FORWARD
iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452
</pre>
 
== IPv6 ==
4
edits

Navigation menu