Last night I diagnosed what I suspect is a similar problem. Similaraly, I
have a client who is masqueraded behind a firewall, with a ppp link connecting
to the lan behind the firewall, and has some odd problems that I think are
related.
It seems that my terminal sever (A Livingston PM) will not fragment UDP
packets. I was using a ppp MRU/MTU of 296, and I was experiencing DNS
timeouts/failures when the nameserver response was larger than the ppp MRU --
there were a large number of NS records, and so the response packet was 425
bytes. Mind you, this was to what I think is a Sun/Solaris server. Talking
to Linux across the same link was not a problem.
I'm still messing with this, however I found that the quick-fix was to use
1500 as the MRU/MTU. I am by no-means an expert in this sort of thing, so I
don't know where the fault lies. Yet.
FYI, I am using Linux-2.0.29-ISS, pppd-2.3.1, Libc-5.3.33, gcc-2.7.2.2. The
kernels I am using have had path-mtu-discovery turned off, since some time ago
I was experiencing odd TCP connection problems with some hosts. This might
have been related to my current problem.
Regards,
-- Steve Thompson | "It's large amounts of well-organized ignorance that Sysadmin, | scares me." - Cody Ann Michaels Malcontent |