Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
alxdon-rs2014-07-18 16:20:50
iptables
alxdon-rs, 2014-07-18 16:20:50

Why doesn't Upload to SpeedTest.net work from Windows via a Debian router?

There is an FTTx connection.
I connect the provider's cable to the WindowsXP machine, configure PPPoE.
SpeedTest.net shows normal Upload/Download.
Now I connect the provider's cable to the router on Debian 7.5, configure network interfaces, routing. The second interface of the router is connected to the LAN.
SpeedTest.net on a client machine running Mint17 demonstrates a normal Upload/Download.
On machines with WindowsXP or Windows7 Download is fine, but Upload works fine for a while (fractions of seconds), and then drops to zero.
What is the reason for this behaviour? And how to ensure a normal Upload on client machines running Windows?
eth0 connected to LAN XXX.XXX.XXX.0
eth1 connected to ISP network
External address: YYY.YYY.YYY.YYY
Configs:
/etc/network/interfaces

auto lo
iface lo inet loopback

allow-auto eth0
allow-hotplug eth0
iface eth0 inet static
        address XXX.XXX.XXX.11
        netmask 255.255.255.0
        network XXX.XXX.XXX.0
        broadcast 192.168.100.255
        gateway XXX.XXX.XXX.1
        dns-nameservers DNS.DNS.DNS.DNS

allow-auto eth1
allow-hotplug eth1
iface eth1 inet manual

allow-auto ppp1
iface ppp1 inet ppp
        provider dsl-provider
        pre-up /etc/network/if-pre-up

/etc/ppp/peers/dsl-provider
unit 1

user *user*
pty "/usr/sbin/pppoe -I eth1 -T 80 -m 1452"

noipdefault
usepeerdns
defaultroute
replacedefaultroute

holdoff 15
maxfail 0
lcp-echo-interval 20
lcp-echo-failure 3

connect /bin/true
hide-password
noauth
persist
mtu 1492
mru 1492

noaccomp
default-asyncmap

/etc/network/if-pre-up
iptables -F
iptables -t nat -F
iptables -t mangle -F

iptables -A FORWARD -i eth0 -o ppp1 -s XXX.XXX.XXX.0/24 -j ACCEPT
iptables -A FORWARD -i ppp1 -o eth0 -d XXX.XXX.XXX.0/24 -j ACCEPT
iptables -P FORWARD DROP

iptables -A POSTROUTING -t nat -s XXX.XXX.XXX.111 -o ppp1 -j SNAT --to-source YYY.YYY.YYY.YYY

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
alxdon-rs, 2014-07-19
@alxdon-rs

I answer myself and everyone who is interested.
The problem is known as Path MTU Discovery Black Hole. I already guessed that the problem was somehow related to the MTU parameter, but its decrease led to the fact that speedtest.net stopped opening altogether.
The problem is solved in different ways, I just changed in /etc/ppp/peers/dsl-provider
man pppoe
-m MSS
Causes pppoe to fix the maximum TCP segment size at the given value. Because due to the overhead of PPPoE, the maximum PPPoE segment size is smaller than normal Ethernet encapsulation. This can cause problems on computers on the local network outside of the gateway using PPPoE. If you have a LAN behind the gateway and the gateway connects to the Internet via PPPoE, it is strongly recommended to use the -m 1412 option. This will avoid setting the MTU on all hosts on the LAN.

Similar questions
P
plr2022-03-30 13:31:07
What are the iptables rules for blocking outgoing traffic other than proxy (proxydroid) on rooted Android 10+? 1Reply
A
Axwellweb2019-02-21 15:18:13
Prevent frequent SSH connections? 4Reply
S
Sergey Savostin2014-09-19 20:24:39
What could be wrong with iptables? 2Reply
I
Inteli Sense2016-09-26 16:05:03
How to forward a packet in iptables? 1Reply
B
Bergtagen2019-02-26 15:37:47
How to arrange port mapping using iptables through a single interface? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question