|
Setting MTU for router
Hi--
I have a Linksys router, WRT54G, and having trouble connecting to get my compuserve POP3 mail (pop.compuserve.com). I am suspecting the MTU setting in the router. How can I test for the right MTU setting? In Windows, the procedure is to use ping pop.compuserve.com -f -l 1462 --but I suspect that for linux we'd need to use -M somehow. Any ideas? Thanks! |
you want to check the biggest length ping with the DF flag set:
Code:
ping -M do -s 1472 192.168.1.1BTW, what makes you think MTU is the problem? |
Assuming you're adjusting your MTU because you're sitting behind a DSL router/modem that does PPPOE, you can probably get away with setting your MTU to 1492. 1500 byte payload (typical Ethernet payload) - 8 bytes for the PPPOE encapsulation.
Since DSL uses ATM cells instead of Ethernet frames, you might actually be better using an MTU of 1454. With a payload of 1454 bytes and ppp headers of 8 bytes and Ethernet headers of 18 bytes, you get a total frame size of 1480 bytes. 1480 is evenly divisible by 40, which is the constant payload size of an ATM cell. ATM is kind of odd in that it's cells never vary in size. They're always 53 bytes long and have a payload size of 40 bytes. That means that a large Ethernet frame is chunked up into 40-byte pieces, the last of which is padded if it is less than 40 bytes. So every cell that is padded is actually chewing up a tiny bit of your bandwidth. Optimally, you'd set the link closest to the DSL modem to 1454 and let everything else behind it do an MTU discovery. Hope that helps. |
sal_paradise42--
Thanks for your quick help. Quote:
I have managed to take the router out of the mix and with it gone I can get telnet and Thunderbird mail to connect reliably. So I figure it has to be the router? Why MTU? It's about all that seems configurable, after opening the ports 25 and 113 that Linksys say I should open. Router is a WRT54G. Oh! So I run the ping against the router, not the compuserve address!?? I don't know anything about MTU, so that's why I asked the gurus here--you! rkidder-- Thanks for the tips on what to check. Actually I have a comcast cable connection, not dsl. I have tried a couple different things, and here is what I got. Am I going about it correctly? Code:
doug@doug2:~$ sudo ping -M do -s 1472 192.168.0.1So any other ideas why this router won't let me connect? Thanks, folks! |
I don't think sal meant to tell you to ping the router, I suspect he just made up the address as an example. To test the MTU you want to ping the target. In this case that would be your POP server.
I support several small offices for my company which use Comcast. Recently we experienced a problem I have yet to fully find a good explanation for. The problem was limited to Comcast sites, however. And upon closer inspection, the problem was limited to only those Comcast sites which used an SMC cable modem. Other Comcast sites which used a traditional cable modem (no NAT) didn't have this problem. In fact, the SMC wasn't just a modem, it was also a router/firewall (I believe it was modem 8013w). It got a dhcp address on the coax side and handed out a private RFC1918 address on the Ethernet side. The problem is that my company uses Cisco 831 routers which do much the same, dhcp on the outide interface and RFC1918 on the inside interface. So the connection in this case is NAT'd twice. One by the Cisco and then again by the SMC. We saw what looked like an MTU or fragmentation problem, but couldn't truly identify it. To this day I can't say for sure what was going on. We had other sites which did double NAT like that (but with non-SMC devices) and didn't have a problem. Do you have an SMC by chance? |
rkidder--
Thanks for the help in understanding. I did the ping thing for both addresses. I got 1500 as what it should be for both, which is where the router is set already. I hear that MTU has more to do with DSL than with cable, and if 1500 is what it needs to be, then I suspect MTU is not the culprit. The Linksys people have e-mailed me, and they have something on their help site that both say I need to open the trigger ports 25 and 113. I have tried that, but still no go. I even tried 110, to match what Compuserve has, but that makes no difference. The modem I have is a Motorola SB5100 Surfboard, which I have had for about 3 years. I have no idea if it is SMC. Does that tell you? It occurred to me last night that we are going at this assuming that the router is working as it should be, and we need to change settings. Is it possible the router is defective? How could we tell? I have in the last few days been able to connect to the Web and to Compuserve by taking the router out of the mix, and plugging one workstation directly into the modem. This is a puzzler.... Thanks, rkidder! |
Doug-
SMC is a brand name, as is Motorola. The SMC8013 as I said, is a router/firewall as well as a cable modem all in one. Interestingly enough, 8013 was the model number of one of their early NICs, when they first bought that product from Western Digital. I'm still scratching my head wondering why they couldn't have chose one of the other billions of numbers out there for a new product. Oh well, I digress. The Surfboard is just simply a cable modem. It should work just fine. I'm assuming that when you say that you've opened "trigger" ports that you're opening ports for inbound traffic. That is to say, traffic which originates on the *outside* of your firewall to the *inside* of your firewall and passes on to an internal machine. Additionally, I understan you're having a problem *receiving* email via POP, not sending it via SMTP. The reason for the last two paragraphs is because Linksys told you to open ports 25 and 113. Port 25 is for sending mail (SMTP) and port 113 is for ident, an outdated protocol which was used to identify the user which initiated a connection. Why Linksys would have told you to open port 25 is beyond me... unless they had some reason to believe you were having a problem sending, not receiving mail. And their suggestion to open port 113 is a shot in the dark, at best. The only thing I've seen use ident (113) in the past decade is IRC (Internet Relay Chat, also an older protocol), and even then it generally doesn't fail when ident doesn't work. Regardless, if, on my internal network, I telnet to pop.compuserve.com on port 110 (pop protocol) and sniff packets from pop.compuserve.com on the outside interface of my firewall, I see the outbound connection from my firewall (which does NAT in much the same way as your Linksys), and they look exactly as I'd expect them to. They have a source IP of my firewall and a source port in the unpriv range (>1024). The destination IP is pop.compuserve.com and the destination port is 110 (pop). The reply packets from pop.compuserve.com are exactly the opposite. It's a classic, simple TCP conversation. At no time during the 10 or 12 times I did this in succession, did I ever see pop.compuserve.com try to connect back to me on tcp/25 or via ident. You should be able to take that last paragraph to Linksys and tell them their suggestions were not helpful. Out of curiousity, have you tried to telnet to other pop servers out there? You can try to telnet to pop.mail.yahoo.com, for example, on port 110 and see how its responsiveness is. Hope that helps, Roy |
Roy--
Thanks much! telnet pop.mail.yahoo.com 110 connecte +OK three times running. Have not had that ever with Compuserve. Also, I can collect e-mail from comcast.net. Interesting. About triggers: on my router html controls, if I go to "Applications and Gaming" then to "port triggering" I have currently enabled this (someone at compuserve suggested changing 113 to 110): Application E-mail; Triggered Range Start port 25 end port 25; Forwarded range Start port 110 end port 110; then I have a check mark in the enable box. Does that help understand what I meant? If necessary, I could send you a screen shot.... Then I wonder: We are assuming the router is good, and we just need to get the correct settings. What if it were bad? How would we know? Yesterday I lost my Win95 connections to my server. They can ping any other station, any other station can ping them. Just all of a sudden after a system restart (we had lightning storms and I shut down and unplugged everything including router and modem and switch). All other stations can log on, but these two not. Recall that I have a linux network serving up files to the Windows boxes via samba and linux boxes via cifs. I posted about the samba issue last night on Gmane network.samba.general and today someone came back with "what do you think about a switch (or hub, of course) failure?" So what do you think about that? The switch is a LinksysEZXS16W. It is about 3 years old. Is there a way to test? Note that when I tested a direct connection to the modem I skipped both the switch and the router. As I think about it, could I just take the cable that goes from switch to router and plug that directly to the modem? And what about testing to eliminate the switch? I don't have any female to female ethernet adapters around here, but I have an old hub from 10 years ago. Thanks, Roy! |
Have you tried sniffing your network traffic with tcpdump, to see if you see any retransmissions? this will usually point to a layer 1 or layer 2 problem.
|
sal_paradise42--
Thanks! No, that is something I did not know about. Presume I run it from the server and then try to connect via the problem machine? I ran it from this machine and it sure shows a lot of activity! Will take some time to decipher! On the server, I ran it for about 5 seconds and got this ending report: Code:
81996 packets capturedThanks, sal_paradise42! |
Yes you can filter the command and even save as a libcap compatible file which can then be open in ethereal.
Code:
tcpdump -vvv -s 2000 -i eth0 -w ~/pop.cap port 110Code:
tcpdump -r ~/pop.capBy the way, it definetly looks like you have a lot of packets bouncing on your network. |
sal--
Thanks! Although I do not yet understand all you have told me, I did hear you loud and clear saying that I have a lot of traffic. That is strange. I ran this on the server we have been talking about tonight. It reports: Code:
11172 packets capturedOn the older server (see below), it reports for the same interval: Code:
9099 packets received by filterIs this a clue to a problem? Another thing to report: This weekend I replaced the failed data HDD in the old server. The HDD that held the OS is still working. When I booted it up, samba and all network connections worked as they were supposed to. So I copied all data over from the new server to the older server, and am up and running on the older one. This says to me that the problem is not with the network switch, but with the network switch, but with the samba installation and probably not related to the e-mail connection problem I have been having. And I doubt it is MTU, since somebody said that relates to dsl and not to cable, and cable is what I have. So do you see any next steps here? Count me lost.... Thanks for your help, sal! |
The saga continues:
Monday the Linksys tech told me to try a firmware upgrade. I did and lost all connectivity. After working with it for 3 hours till 1:20 am or so, the tech gave up, gave me an rma to return it. Today I bought a new one, the same model WRT54G, but version 6 instead of version 5. Same problems, not quite as severe: can connect to CIS via telnet or mail client about one in 8 tries. It might be easier for me to dump CIS entirely and go through the pain of notifying all my correspondents of my new address than to continue this pain. I do not seem to have difficulty getting Comcast e-mail. One guy over in PC Hardware forum of Compuserve writes-- ===clip The problem lies in the CIS network and how CIS does load balancing. It's been a problem ever since CompuServe first exposed it's mail servers to the Internet and opened up to POP3 in addition to its proprietary old mail system. The load balancing servers aren't always successful in directing your connection to an available host inside the network. My suspicion for various informal tests over the year is that the CIS internal network is overly congested. I can duplicate Doug's poor connection record with mail clients on Linux, OS X and Windows XP. ===you are whole I don't know what to do. But I am getting hints, huh? Thanks for all your help! |
Quote:
Thanks! Neil |
Neil--
No real solution. My dealer gave me a credit for the old one (they have an unwritten 1 year warranty), after they fussed with it for a while and say they got it working. So my solution? I am just living with it. If I really need to check for e-mail between the automatic runs that work once in 8 or so tries, I just keep hitting Send/Receive in Evolution until one finally goes through. At what I take to be busier times of day it takes more tries.... What has helped for you, Neil? :- Doug. |
| All times are GMT -5. The time now is 06:22 PM. |