httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Elliot" <...@lidalia.org.uk>
Subject RE: [users@httpd] No response recieved from Apache at some external locations, but not others
Date Thu, 19 Oct 2006 13:00:47 GMT
Fantastic, thanks very much; that's likely to be it, I have a very vague recollection of fiddling
with MTU on my router, something to do with trying to get it to keep the ADSL PPPoE connection
alive for longer, but I didn't really know what I was doing so I should have left it well
alone.  I will work on this basis and see what happens.  Thanks very much for the pointer,
I would never have got there otherwise.
 
Jeff McAdams wrote:
 
Robert Elliot wrote:
> OK, try http://www.lidalia.org.uk <http://www.lidalia.org.uk>  - should show the
Apache splash page.

Unless I'm mistaken, this site is hosted on a DSL connection that uses
PPPoE?

What I think is happening is that data is getting sent from one side or
the other assuming a fairly standard MTU of 1500 on the network
connections.  Your DSL connection (assuming I'm right above) can only
handle packet sizes of 1492 (because of PPPoE overhead).  Additionally,
one side or the other is unable to figure out that the packets aren't
getting through.

This would line up with firewalls being involved.  If a firewall
is...we'll say "shortsightedly"...block all ICMP messages, then the ICMP
"Host Unreachable, Fragmentation Needed, but DF (Don't Fragment) bit was
set" message won't get through, meaning that the host won't know that it
needs to limit itself to sending smaller packets for that connection.

This whole overall process is called PMTUD, or Path MTU Discovery, and
firewalls blocking all ICMP prevent it from working correctly.

Some systems have the ability to deal with this...I think Linux calls it
PMTU Blackhole Discovery.

Another possible solution would be to set the MTU on your interface down
smaller (in Linux, "ifconfig <ifname> mtu 1400" should do it).

FWIW, I was unable to hit the page...I set my MTU in that manner, and I
was then able to pull up the page.
--
Jeff McAdams
"They that can give up essential liberty to obtain a
little temporary safety deserve neither liberty nor safety."
                                       -- Benjamin Franklin



Mime
View raw message