Found it: While pppoe(8) has an internal option, ``mssfixup'', which is enabled by default and takes care of this, pppoe users have to rely on other methods. Using a packet filter, the maximum segment size (MSS) can be set (clamped) to the required value. The following rule in pf.conf(5) would set the MSS to 1440:
match on pppoe0 scrub (max-mss 1440) On Mon, Sep 30, 2013 at 11:53 PM, James Shupe <[email protected]> wrote: > On 2013-09-30 08:18, John Tate wrote: >> >> I am having trouble with IP forwarding to specific sites on a very >> typical configuration. The router itself can access these sites but >> clients can not. I have looked in obvious places on the clients, but I >> cannot find a cause. I reinstalled OpenBSD on the router after getting >> SSL errors where SSL servers could not be reached from clients, and I >> bought a cheap Netgear router to use which works fine ruling out that >> my ISP is causing problems. >> > > Have you tried setting your max-mss to something like 1440 or 1400? > > Usually that's necessary with DSL... or else you end up with very selective > browsing. > -- www.johntate.org
