Re: [Hampshire] [OT] Mystery Blocked Website

On Thu, Jan 25, 2007 at 11:54:08PM +0000, Chris Dennis wrote:
> Hello folks.
>
> A client of mine is mysteriously unable to access a particular website,
> viz www.newforestliving.co.uk. The browser hangs for quite a while and
> then says it can't display the page.
>

Recently I've had several issues like this for customer's and at our
offices. The issue was an incorrect MTU size set on the firewall and
ADSL equipment.

You can determine your optimal MTU size on Windows by doing the
following (I couldn't see an option to set the DF flag in the IP header
for ping under Linux):

ping -f -l 1500 www.newforestliving.co.uk

If you see "Packet needs to be fragmented but DF set" this means 1500
bytes is too large to transmit and needs to be fragmented. Reduce the
1500 value in the ping command by 100 until you get a reply. Then
increase it until you find the largest value before packet needs to be
fragmented.

Take that value and add 28 bytes to it (28 bytes = 20 bytes of IP
header without options plus 8 bytes of ICMP header). This is
your optimal MTU size. Our optimal MTU works out at 1492. Our Cisco ADSL
equipment set this by default to 1500 so we were seeing issues where certain
websites wouldn't load (such as www.3com.com, passport.net).

If you can't change the MTU size on the network equipment, you can set
it at the workstation level. For example: ifconfig eth0 mtu 1492 for
Linux or download DrTCP if you're using Windows.

Try this if all else fails and you're stuck for suggestions.

Regards,
David.
-- 
 .''`.     David Ramsden
: :'  :    http://0wned.it/
`. `'`     PGP key ID: 3454B217 on wwwkeys.eu.pgp.net
  `-  Debian - Because it works (tm).

Note: I have recently changed my email address, website address and
generated a new PGP key. Please ensure your contact information is
updated.