Re: SYN_RECV hangs...

Olaf Titz (olaf@bigred.inka.de)
Wed, 30 Jun 1999 10:00:34 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Frank Butter: "RE: mount automatic file system check counter"
Previous message: Ian Tester: "ESS Maestro driver in AC patches"
Maybe in reply to: Keane, Patrick: "SYN_RECV hangs..."

> The only difference between this site that cannot connect and others that
> can is that they are attempting to connect from behind a firewall. (Before
> you guess that their firewall is misconfigured, keep in mind that I can

Of course it is. Stick your firewall peoples' noses into RFC 1435 and
tell them to let ICMP through, at least the "can't fragment" code.
Without them TCP won't work. In the meantime, try to disable Path MTU
discovery (echo 1 >/proc/sys/net/ipv4/ip_no_pmtu_disc). Perhaps the
firewall is even so broken to attempt to "correct" TCP options, in
this case you can try to disable them all.

This is becoming more and more of a FAQ nowadays. It looks like the
number of people who think they have to rely on firewalls but don't
know enough TCP/IP to design and operate one is on the rise :-(

Olaf

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Frank Butter: "RE: mount automatic file system check counter"
Previous message: Ian Tester: "ESS Maestro driver in AC patches"
Maybe in reply to: Keane, Patrick: "SYN_RECV hangs..."