Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: MTU real-world problem example  (Read 4234 times)

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: MTU real-world problem example
« Reply #15 on: December 14, 2018, 05:52:14 AM »

google has got a lot worse since its old days.  Its been simplified a great deal so relevant search results are harder to come by and there is algorithms in place now to favour news and retailer sites.

But bing and yahoo have regressed even more e.g. with both those search engines if you try to search for a phrase like "find me these words in this order", they dont honour the quotes and will still just search for the words separately so e.g. "words of find order this" would be hit.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: MTU real-world problem example
« Reply #16 on: December 14, 2018, 06:06:47 PM »

https://www.ietf.org/rfc/rfc4821.txt

Firewalls that drop ICMP when it's in response to an outbound flow are broken and users having issues behind them should assist greatly in expediting repair.

I was checking something in the fw rules when debuging an issue, and I can confirm that there is actually rules created for RFC compliance, they not shown in the GUI but are generated on pfsense, not checked opnsense yet.

Extract here.

Code: [Select]
# IPv6 ICMP is not auxilary, it is required for operation
# See man icmp6(4)
# 1    unreach         Destination unreachable
# 2    toobig          Packet too big
# 128  echoreq         Echo service request
# 129  echorep         Echo service reply
# 133  routersol       Router solicitation
# 134  routeradv       Router advertisement
# 135  neighbrsol      Neighbor solicitation
# 136  neighbradv      Neighbor advertisement
# 135  neighbrsol      Neighbor solicitation
# 136  neighbradv      Neighbor advertisement
pass  quick inet6 proto ipv6-icmp from any to any icmp6-type {1,2,135,136} tracker 1000000107 keep state
Logged

Alex Atkin UK

  • Addicted Kitizen
  • *****
  • Posts: 5261
    • Thinkbroadband Quality Monitors
Re: MTU real-world problem example
« Reply #17 on: December 28, 2018, 07:49:44 AM »

I must admit, for such a powerful firewall it really annoys me that pfSense hides some of its handiwork in the scripts.  It caused me particular issues when setting up a script that started at boot as it would start before the boot script had finished causing boot to hang.  I had to resort to just letting cron start it up a minute after bootup, not the end of the world I suppose as I wanted to check its still running every minute anyway.

But the time I wasted finding that out and the bizarre concept that they would initiate any custom script before the entire boot process has finished is baffling.
Logged
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors
Pages: 1 [2]