Archived from groups: microsoft.public.win2000.dns,microsoft.public.win2000.networking (
More info?)
Set the client box MTU to 1492 and the firewall's MTU to 1492.
Here's what I get when I run the ping you describe:
C:\>ping 63.228.79.254 -f -l 1464
Pinging 63.228.79.254 with 1464 bytes of data:
Reply from 63.228.79.254: bytes=1464 time=141ms TTL=2
Reply from 63.228.79.254: bytes=1464 time=130ms TTL=2
Reply from 63.228.79.254: bytes=1464 time=131ms TTL=2
Reply from 63.228.79.254: bytes=1464 time=130ms TTL=2
Ping statistics for 63.228.79.254:
Packets: Sent = 4, Received = 4, Lost = 0 (0% los
Approximate round trip times in milli-seconds:
Minimum = 130ms, Maximum = 141ms, Average = 133
C:\>ping 63.228.79.254 -f -l 1465
Pinging 63.228.79.254 with 1465 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.
Ping statistics for 63.228.79.254:
Packets: Sent = 4, Received = 0, Lost = 4 (100% l
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
I selected the 63.228.79.254 address to use because it was the second IP
listed when doing a tracerroute for www.yahoo.com. The first address listed
is our ActionTec modem (192.168.168.2), but I figured that was not the IP
you wanted me to use, correct? I assume the 63.228.79.254 address is the
address set to receive all packets coming from our network. The results are
the same if if use the 192.168.168.2 address. (Browser still fails).
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:%23sGsWjOdEHA.3392@tk2msftngp13.phx.gbl...
> In news
bSNc.25$u77.31198@news.uswest.net,
> DDJ <johnson@milehi.com> posted a question
> Then Kevin replied below:
> > We have ADSL.
> >
> > Ran the provided test. Although the Win2000 box I was
> > using did not have an MTU value in the registry, I added.
> > Per the MTU test, the optimal setting would be 1404.
> > NOTE: that this is the setting in our firewall as well
> > (says something about "fragment outbound packets larger
> > than 1404")
> >
> > The browser does not have an proxy settings in place.
> >
> > Tested browser after adding MTU value...still doesn't
> > work. The firewall forwards packets to the router, do
> > routers generally provide for an MTU setting?
>
> They way you should really test this is to ping the routers gateway to see
> what the MTU you can send to the gateway and use that setting on the NIC.
> e.g. Pinging 65.65.91.214 with 1468 bytes of data:
>
> Reply from 65.65.91.214: bytes=1468 time=151ms TTL=64
> Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
> Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
> Reply from 65.65.91.214: bytes=1468 time=150ms TTL=64
>
> Ping statistics for 65.65.91.214:
> Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 150ms, Maximum = 151ms, Average = 150ms
>
> W:\>ping 65.65.91.214 -f -l 1469
>
> Pinging 65.65.91.214 with 1469 bytes of data:
>
> Request timed out.
> Request timed out.
> Request timed out.
> Request timed out.
>
> Ping statistics for 65.65.91.214:
> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
>
> W:\>ping 65.65.91.214 -f -l 1473
>
> Pinging 65.65.91.214 with 1473 bytes of data:
>
> Packet needs to be fragmented but DF set.
> Packet needs to be fragmented but DF set.
> Packet needs to be fragmented but DF set.
> Packet needs to be fragmented but DF set.
>
> Ping statistics for 65.65.91.214:
> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
> Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
>
> What this means is that somewhere between this machine which was 1500,
and
> my router's gateway the MTU is 1468 because 1469 times out and the NIC
> fragments 1473. So I set this machine to 1468 + 28 bytes overhead = 1496.
> If the router is set to 1404 + 28= 1432 is the MTU you machine needs to be
> to get past the router. You just set your machine to the highest number
that
> does not time out.
>
> The way to figure your MTU is to start with a number ping the routers
> gateway until you find a packet size that does not time out, add 28 and
set
> your MTU to that number.
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ============================
> --
> When responding to posts, please "Reply to Group" via your
> newsreader so that others may learn and benefit from your
> issue. To respond directly to me remove the nospam. from my
> email. ==========================================
> http://www.lonestaramerica.com/
> ==========================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ==========================================
> Keep a back up of your OE settings and folders with
> OEBackup:
>
http://www.oehelp.com/OEBackup/Default.aspx
> ==========================================
>
>