[Dnsmasq-discuss] using DHCP to set clients' MTU
Grant Coady
grant_lkml at dodo.com.au
Fri Sep 12 15:29:58 BST 2008
On Fri, 12 Sep 2008 13:53:28 +0200, Jan 'RedBully' Seiffert <redbully at cc.hs-owl.de> wrote:
...
>I think 1430 is one of those "optimised values", and 1458 maybe still too big for
>pppoa, but I'm not sure. Did you try 1454 & 1452? I think it's something with
>145[0-9] from what I read. Or is BT adding another encapsulation like L2TP?
From my firewall script:
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# maximum mss or mtu
# ```````````````````
# Policy: the firewall controls this value as it is required when ethernet
# access to ADSL modem is used, clamping MSS here removes the need to
# modify any localnet machines' MTU setting.
#
# Information: http://www.cisco.com/warp/public/794/router_mtu.html states
# baseline (lowest) MSS value is = 1360, highest is 1452 for PPPoE, add
# 40 for matching MTU values.
#
# Check you have rp-pppoe.conf 'CLAMPMSS=no'
#
# Leave MAX_MSS empty to perform path mtu discovery, this doesn't work with
# ISPs that drop ICMP traffic -- refer `man iptables`.
#
# MAX_MSS="1452" # maximum MSS (ref: cisco)
# MAX_MSS="1360" # minimum MSS (ref: cisco)
MAX_MSS="1412" # default MSS (ref: rp-pppoe default)
# MAX_MSS="" # use PMTU discovery
#
...
# clamp MSS for new TCP connections to world
if [ -n "$MAX_MSS" ]
then    # use preset
    iptables -A OUTPUT -p tcp --tcp-flags SYN,RST SYN \
        -o "$X_WORLD" -j TCPMSS --set-mss "$MAX_MSS"
else    # use path discovery
    iptables -A OUTPUT -p tcp --tcp-flags SYN,RST SYN \
        -o "$X_WORLD" -j TCPMSS --clamp-mss-to-pmtu
fi
...
Grant.