l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2012 May 18 17:22

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Xbox Live firewall rules?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Xbox Live firewall rules?



Bill Broadley wrote:
> One potential problem is that whenever I dhcp an IP from comcast my MTU
> is set to 576.  Can I just run ifconfig eth1 mtu 1500?  Well I can
> definitely set my MTU after getting an IP, not sure what a random
> connection negotiates at though.

MTU is often a description of the maximum frame transmittable before
fragmentation, and a lower value than the common Ethernet 1500 suggests
you may have one or more links between you and the Internet, where layer2
frames are limited to a size of the smaller value.

It is possible for you to tell your external interface that acquired the
new IP address by DHCP to use a larger MTU, but at risk of larger frames
not making it to your desired destination.

For interactive sessions (like ssh) where frames often contain less than
500 bytes, you may not notice problems when exceeding the max frame size
between you and your gateway/next hop with a larger MTU, but would notice
it when trying to upload large files, or exceed the maximum frame size
between you and your next hop upstream.

Side note: This issue of MTU is especially important with OpenVPN and the
client-side config option "tun-mtu" ... I've seen some DSL served
customers have to drop this below 1250, and in 2 cases, 820 to not exceed
their ISP's MTU for layer 2 service to their next hop. Like above,
problems were not observed with ssh and interactive sessions, but attempts
to upload large files would eventually show a time-estimate of "stalled"
until the MTU was brought down to something around 64 bytes less than
their layer2 MTU.

It is possible that your ISP has a broken MTU config, or just uses the
same MTU config for most of their networks, even though larger MTU are
allowed, so they can have consistent configurations. If this is the case,
and your Layer2 link between you and your next upstream hop is 1500, then
changing this will likely cause no problems.

HTH,
-ME

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.