I don't know what kind of device you are using, but if it is a Cisco
device, add the following line on the Ethernet0 interface.

ip tcp adjust-mss 1452

This causes the router to intercept all the TCP syn packets, and reset
the MSS from 1500 to 1452, which gets around the problem of some https
sites with block ICMP destination unreachable messages, and hence
preventing MTU path discovery.

You could also use a utility like DrTCP (free download), and change your
machines Ethernet MTU to 1452 to resolve the issue.

If you have a Cisco device, you can find lots of info on our WWW site
at:
http://www.ifm.net.nz/cookbooks/

-----Original Message-----
From: owner-adsl@unixathome.org [mailto:owner-adsl@unixathome.org] On
Behalf Of LEE Tet Yoon
Sent: Wednesday, 8 September 2004 7:28 p.m.
To: adsl@lists.unixathome.org
Subject: Re: Strange behaviour with SSL pages on Wired Country

At 06:24 p.m. 8/09/2004, you wrote:
>Most Wired Country ISPs use PPPoE for authentication. I'm pretty sure
>the max MTU for PPPoE is lower then 1500 due to the PPP overhead or
>some such. A quick search reveals it's probably 1480 altho a more
thorough search is probably in order.
>
>Hope this helps...

Should add there are ways to try to test the real max MTU. Easiest is
probably to ping and change the packet size and also tell it not to
fragment. You have to subtract a certain amount from the packet (28 I
think but check) due to overhead... I think Microsoft has instructions
for Windows but it's quite easy once you have the general idea.

-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message 
 
-- 
This message is part of the NZ ADSL mailing list. 
see http://unixathome.org/adsl/ for archives, FAQ, 
and various documents. 
To unsubscribe: send mail to majordomo@lists.unixathome.org 
with "unsubscribe adsl" in the body of the message