PDA

View Full Version : Router MTU or WinXP MTU ?


Current user
July 9th 03, 09:30 PM
My "Tweak" test at dslreports.com shows MSS to be 1372, which seems low,
and MTU of 1412, which is also low. I assume, since the Belkin router is
between my machine and the Tweak Test, the Test is actually getting
these figures from the router. The Belkin router does not offer a way to
adjust the MTU.

Should I alter, in any way, the WinXP MTU settings because of the lower
MTU settings of the router? Should I change the MTU of the Linksys
ethernet adapter? Are my packets fragmenting at the router on the way
out? .

My setup= WinXP -> DLS modem -> Belkin router -> Internet

full test results:
http://monitor.dslreports.com/tweak/block:2ff5dc1?service=dsl&speed=1500&os=winXP&via=routerpppoe

Thanks in advance.

Cu

David H. Lipman
July 9th 03, 11:16 PM
If you DSL Router connects via PPPoE, the MTU of the Router needs to be 1492
(MTU=1492)
All platforms on the LAN side need to be 1500 (MTU=1500)

Dave

Current user
July 9th 03, 11:39 PM
Recently, 'nuther Bob > exposed the nature of
his/her thought processes with these words:
>
> Don't you mean:
> My setup= WinXP -> Belkin router -> DSL modem -> Internet
>
> Bob


Yes, I do believe you are correct. Don't think it would work the other
way 'round!


Cu

Current user
July 9th 03, 11:45 PM
Recently, "David H. Lipman" > exposed the
nature of his/her thought processes with these words:

> If you DSL Router connects via PPPoE, the MTU of the Router needs to
be 1492
> (MTU=1492)
> All platforms on the LAN side need to be 1500 (MTU=1500)
>


Dave,

The router does connect via PPPoE. I have no control over the router
MTU. The dslreports Tweak Test reports the MTU to be 1412. I assume that
is the ROUTER's MTU, not the computer's.

When I ping remote sites with the -f switch set, I can only go as high
as 1464 before packets need to be fragmented. But, that's still higher
than the 1412 the Tweak Test is reporting. I'm a little confused about
this.

Cu

John Navas
July 10th 03, 01:46 AM
[POSTED TO comp.dcom.xdsl - REPLY ON USENET PLEASE]

In > on Wed, 09 Jul 2003 15:30:30
-0400, Current user > wrote:

>My "Tweak" test at dslreports.com shows MSS to be 1372, which seems low,
>and MTU of 1412, which is also low. I assume, since the Belkin router is
>between my machine and the Tweak Test, the Test is actually getting
>these figures from the router. The Belkin router does not offer a way to
>adjust the MTU.
>
>Should I alter, in any way, the WinXP MTU settings because of the lower
>MTU settings of the router? Should I change the MTU of the Linksys
>ethernet adapter? Are my packets fragmenting at the router on the way
>out? .

No, no, and no.

Do not fool with MTU.

All that matters is TCP Receive Window.

--
Best regards,
John Navas <http://navasgrp.home.att.net/>
CABLE MODEM/DSL GUIDE: <http://Cable-DSL.home.att.net/>

David Efflandt
July 10th 03, 02:59 AM
On Wed, 09 Jul 2003, Current user > wrote:
> Recently, "David H. Lipman" > exposed the
> nature of his/her thought processes with these words:
>
>> If you DSL Router connects via PPPoE, the MTU of the Router needs to
> be 1492
>> (MTU=1492)
>> All platforms on the LAN side need to be 1500 (MTU=1500)

The above is NOT necessarily true. My smtp server is behind a Dlink NAT
gateway, and while I had no trouble accessing the internet, I could not
receive internet mail beyond packet size at a LAN smtp server (timeout
waiting for data transfer) until I dropped the LAN nic of the smtp server
to mtu 1492. Then incoming mail suddenly started flowing.

> Dave,
>
> The router does connect via PPPoE. I have no control over the router
> MTU. The dslreports Tweak Test reports the MTU to be 1412. I assume that
> is the ROUTER's MTU, not the computer's.
>
> When I ping remote sites with the -f switch set, I can only go as high
> as 1464 before packets need to be fragmented. But, that's still higher
> than the 1412 the Tweak Test is reporting. I'm a little confused about
> this.

The dslreports Tweak Test seemed to report my mtu as 1412 also even though
a ping test from my end to www.dslreports.com confirmed that my mtu is
1492 (1464 ping data plus 28), although, they seem to have disabled ping
on their server now, because I now get no ping response. Maybe something
in the path to the tweak test server has 1412 mtu. I wouldn't really
worry about it unless you have a problem or run a server on your end.

> ping -c1 -s 1464 -M do an.internet.host
PING an.internet.host (x.x.x.x) 1464(1492) bytes of data.
1472 bytes from an.internet.host (x.x.x.x): icmp_seq=1
ttl=246 time=140 ms

--- an.internet.host ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 140.865/140.865/140.865/0.000 ms


> ping -c1 -s 1472 -M do an.internet.host
PING an.internet.host (x.x.x.x) 1472(1500) bytes of data.
ping: local error: Message too long, mtu=1492

--- an.internet.host ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/

David H. Lipman
July 10th 03, 03:21 AM
David:

Yes I have heard of "odd ball reports" such as this. Realize though that
Ethernet is 1500 bytes. All nodes on a LAN need to connect at the standard
Ethernet MTU value. If I have a LAN with 200+ nodes, it is incorrect to have to
change all the LAN nodes to less than 1500 bytes. Since PPPoE is an
encapsulation technique that consumes 8 bytes, the WAN port MTU needs to be set
to: 1500-8=1492. What you have done for your SMTP server is a band-aid
approach. It works but what is really at the cause ? Is it the Router doing
this ? Does the email server need to be in the DMZ ?

To date, I have not talked to anyone who has done a protocol analysis of the
packets on both the LAN and WAN sides.

Technically speaking, there is absolutely no reason why any nodes on the LAN
side should have the MTU altered from the Ethernet default. The "shim" that you
mentioned works and I guess if you don't want to experiment to find the real
cause of problems that is all that matters...getting the function to work.

This in itself would we a good topic for the forum: comp.protocol.tcp-ip

Thanx Dave E. !

Dave L.

John Navas
July 10th 03, 07:06 AM
[POSTED TO comp.dcom.xdsl - REPLY ON USENET PLEASE]

In > on Thu, 10 Jul 2003 00:50:53
-0400, Current user > wrote:

>... For example, I flashed to the latest bios update, and now
>port 80 reports itself as "open" as though i and running a web server,
>which I'm not. There is no way to close port 80, much less stealth it,
>and they won't fix it. They don't get it when I tell them that stealth
>is the first layer of protection, ...

With all due respect, so-called "stealth" doesn't add any real protection.

--
Best regards,
John Navas <http://navasgrp.home.att.net/>
CABLE MODEM/DSL GUIDE: <http://Cable-DSL.home.att.net/>

David H. Lipman
July 10th 03, 12:58 PM
OK ---

Do you have a friend with a different BroadBand router you can borrow ?

If YES -- Try it and see what happens. My Linksys BEFSRR41 has the capability
to set the MTU value of the WAN interface.

Dave

the real TOMMY Tutalidge
July 10th 03, 09:24 PM
The RWIN value is an "odd lot" the RWIN value should be a multiple of the MSS value. You see why your
speed is stuck in neutral? Everyone gets that stupid happy face. First you have to measure your
distance from the central office. Hopefully this is in inches. If this is the case your RWIN value
should be at least 250,000.

Current user wrote:

> My "Tweak" test at dslreports.com shows MSS to be 1372, which seems low,
> and MTU of 1412, which is also low. I assume, since the Belkin router is
> between my machine and the Tweak Test, the Test is actually getting
> these figures from the router. The Belkin router does not offer a way to
> adjust the MTU.
>
> Should I alter, in any way, the WinXP MTU settings because of the lower
> MTU settings of the router? Should I change the MTU of the Linksys
> ethernet adapter? Are my packets fragmenting at the router on the way
> out? .
>
> My setup= WinXP -> DLS modem -> Belkin router -> Internet
>
> full test results:
> http://monitor.dslreports.com/tweak/block:2ff5dc1?service=dsl&speed=1500&os=winXP&via=routerpppoe
>
> Thanks in advance.
>
> Cu

eMail2Me
July 10th 03, 10:10 PM
Current user wrote:

> Recently, "David H. Lipman" > exposed the
> nature of his/her thought processes with these words:
>
>> Contact Belkin about MTU on Router and possible FirmWare updates.
>>
>>
>>
>> Phone: (800) 223-5546 ex 2263
>> Phone: (310) 898-1100 ex 2263
>> Fax: (310) 604-2089
>>
>> It might perform Path MTU Discovery ?
>
>
> Been there, done that. Belkin tech support is next to worthless, as is
> the manual that comes with the router. Those guys just don't get it. 95%
> of the time, you get someone who barely speaks English, and they just
> don't get it. For example, I flashed to the latest bios update, and now
> port 80 reports itself as "open" as though i and running a web server,
> which I'm not. There is no way to close port 80, much less stealth it,
> and they won't fix it. They don't get it when I tell them that stealth
> is the first layer of protection, and their firmware breaks that layer
> completely. Needless to say, my next router will not be a Belkin.
>
> Cu

There is no such thing about being "STEALTH" as a layer protection. No
wonder that you had a thought to derive that the Belkin tech support barely
speaks english ... :) I you mentioned to the Belkin tech support about
turning OFF port 80, then perhaps both the Belkin tech support and you will
be in-synch to take care of the port ... :)

Just my $0.02

Current user
July 11th 03, 07:59 PM
Recently, John Navas > exposed the nature of
his/her thought processes with these words:

> [POSTED TO comp.dcom.xdsl - REPLY ON USENET PLEASE]
>
> In > on Thu, 10 Jul 2003
00:50:53
> -0400, Current user > wrote:
>
>>... For example, I flashed to the latest bios update, and now
>>port 80 reports itself as "open" as though i and running a web server,
>>which I'm not. There is no way to close port 80, much less stealth it,
>>and they won't fix it. They don't get it when I tell them that stealth
>>is the first layer of protection, ...
>
> With all due respect, so-called "stealth" doesn't add any real
protection.


I agree, that stealth doesn't actually prevent an intrusion or an
exploit. It merely makes one less of a target by virtue of the fact that
you are not announcing your presence with open ports. Still, as thin as
the layer is, it IS an additional layer of protection, in my view. I
wouldn't stake my online security on stealth alone. But with regard to
the internet, i'd rather be in the shadows than in the spotlight.

Cu

Current user
July 11th 03, 08:09 PM
Recently, eMail2Me >
exposed the nature of his/her thought processes with these words:
>
> There is no such thing about being "STEALTH" as a layer protection. No
> wonder that you had a thought to derive that the Belkin tech support
> barely speaks english ... :) I you mentioned to the Belkin tech
> support about turning OFF port 80, then perhaps both the Belkin tech
> support and you will be in-synch to take care of the port ... :)

When speaking with a tech support person who does not have a strong
command of the language the customer speaks, it is quite easy and quite
common for much to get lost in the translation. I'm not faulting anyone
for not speaking my language, only expressing my frustration with trying
to get the techie on the same page as me, or me on the same page as he.

Unfortunately, the Belkin firmware does not allow altering the status of
port 80. That's my gripe. They won't fix it. Reverting to a previous
firmware would solve the port 80 issue, but i would lose important
functionality of the router interface. So, i'll have to come up with a
more creative solution.... trouble is, i'm no genius at this stuff.

Thanks for your comments

Cu

Google