stormspotter7
join:2005-05-19
| [net] PPPoE problem with Linux firewall
So, I just got FiOS installed this week and it came with the DI-624 wireless router. That's fine and dandy, except I usually like to use my own Linux firewall instead (more control, better performance, etc.).
No problem, I figured... FiOS uses PPPoE, so all I have to do is unplug the router and hook up my firewall, turn on PPPoE and I'm good to go. Almost. Everything worked great after replacing the router with the firewall except for one thing - downloading e-mail. I can surf the web, sign on to AIM and even send e-mail. But, when I try to download e-mail, every mail client on every computer in my house hangs just after it gets the number of messages waiting for download. It sucessfully logs into the server, checks to see how many messages are waiting, and then the connection times out. And of course this doesn't happen with the D-Link.
At the suggestion of people on an e-mail list, I have tried playing with the mtu settings for pppoe on my firewall, but it still exhibits the same problem.
Is anybody else using a Linux firewall with their FiOS? Any clues on what I might be missing?
TIA,
stormspotter |
|
NOCMan
Verizon Fios User
Premium
join:2004-09-30
Flower Mound, TX
| I'm using ipcop.. check your mtu as 1492. Funny though I dont see a MTU setting anywhere in ipcop.. it probably does autodetect which since it's working, i'm leaving alone 
--
FIOS chat »www.fioschat.com MacChatter »www.macchatter.com |
|
trey_w
join:2002-07-03
Plano, TX | reply to stormspotter7
Using M0nowall here and I have no problems |
|
stormspotter7
join:2005-05-19
| reply to NOCMan
stormspotter7  : I have tried playing with the mtu settings for pppoe on my firewall, but it still exhibits the same problem.
NOCMan : I'm using ipcop.. check your mtu as 1492. Thanks, NOCMan. I have tried 1492, 1464, 1452 and 1412... all with the same weird symptoms. I am tempted to hook my Netgear WGR614 up to the FiOS line and see if it has the same problem as the Linux firewall.
Out of curiosity, what kernel version is ipcop using? I currently have a 2.4.24 kernel on my firewall... might try upgrading to a 2.6 kernel to see if that changes anything. Otherwise, I'm running out of ideas.
Thanks,
stormspotter |
|
NOCMan
Verizon Fios User
Premium
join:2004-09-30
Flower Mound, TX
| reply to stormspotter7
Linux ipcop.localdomain 2.4.31 #1 Sun Nov 6 21:51:04 GMT 2005 i686 AuthenticAMD unknown GNU/Linux
--
FIOS chat »www.fioschat.com MacChatter »www.macchatter.com |
|
NOCMan
Verizon Fios User
Premium
join:2004-09-30
Flower Mound, TX | reply to stormspotter7
What hardware are you using this on btw..
Do you have a auto mtu setting? |
|
stormspotter7
join:2005-05-19
| The firewall is an AMD k6 500Mhz with 440MB of ram. The NICs being used are a 3c59x and an 8139too. The distro is Debian Sarge.
The kernel upgrade did not help anything, however, I did find a solution that works. For a synopsis of what I had to do, you can read the e-mail that fixed it here:
»lists.debian.org/debian-user/200···610.html
The thread for the problem started here:
»lists.debian.org/debian-user/200···494.html
And for the really short notes, I had to add 4 iptables rules to the firewall script to make it all work.
Thanks,
stormspotter |
|
NOCMan
Verizon Fios User
Premium
join:2004-09-30
Flower Mound, TX
| reply to stormspotter7
weird. Are you using any particular linux firewall software or are you using a pppoe daemon and iptables?
Do you have tv yet and do you get occasional pixelation on VOD?
--
FIOS chat »www.fioschat.com MacChatter »www.macchatter.com |
|
stormspotter7
join:2005-05-19
| Just the standard pppoe and iptables. Iptables is started by a script written by a Debian developer, but it's just a small shell script wrapper around iptables.
I haven't watched a tv show in more than 10 years and very rarely watch the news... so no FiOS tv here. I think the tech that installed my FiOS said it isn't available yet in my area, but I wasn't paying attention. |
|
