|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
dsl -> pppoe pf problem
Hi,
I change network speed and technology in my ISP. I had DSL with static ip 3Mbits, everything works ok. Now i have pppoe 6Mbits (static ip). This is what I change: /etc/hostname.bge0 (interface connected to dsl modem): "up" /etc/hostname.pppoe0: "inet 78.x.x.x 255.255.255.255 87.x.x.x \ pppoedev bge0 authproto pap \ authname 'xxxxxx@zzzzzzz.pl' authkey 'yyyyyyy' up dest 87.x.x.x !/sbin/route add default 87.x.x.x" And of course in pf.conf I change ext_if="bge0", to ext_if="pppoe0". Ok, its working now but i had problem with download speed. I get only ~300kB/s, so I made a changes: net.inet.tcp.recvspace=65536 net.inet.tcp.sendspace=65536 in sysctl.conf and now download speed is ok. But after few days I notice that there is a problem accessing https sites, I can use gmail over https, but e-banking and other sites dosent work. My pf.conf rule (just a part): ext_if="pppoe0" int_if="fxp0" # nat nat on $ext_if from "192.168.1.0/24" to any -> ($ext_if) pass out quick on $ext_if proto tcp from ($ext_if) to any port {80,443} pass in quick on $int_if proto tcp from ($int_if:network) to any port 443 Any traffic going on port 443 should go directly and now some part of this traffic are missed(?). It was work w/o any problems before changing dsl to pppoe... Also I was try redirect traffic on 443 to squid, because when I type squid iport in webbrowser (proxy) everything works ok. This is my rule to redirect www trafic to squid: rdr pass on $int_if proto tcp from ($int_if:network) to any port 80 -> 192.168.1.1 port 3128 and I try that same with https: rdr pass on $int_if proto tcp from ($int_if:network) to any port 443 -> 192.168.1.1 port 3129 pfctl -f /etc/pf.conf And dosent work . Thank you for any help. ps. I have OpenBSD 4.3 Last edited by J65nko; 3rd March 2010 at 08:07 PM. Reason: password and username removed |
|
|||
Ok, I fixed my problem....
Just need to add: scrub out on $ext_if max-mss 1440 in pf.conf, and everything is ok. |
Tags |
max-mss 1440, pppoe |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Freebsd router PPP/PPPoE connection problem | mrthomas | FreeBSD General | 4 | 1st January 2010 10:36 PM |
Problem with pf for PPPoE | Monkey | OpenBSD Security | 2 | 18th December 2009 03:29 AM |
pppoe | kaschei | OpenBSD General | 2 | 20th May 2009 01:14 AM |
PF and kernel-level PPPoE(4) | gezley | OpenBSD Security | 3 | 15th May 2009 06:56 PM |
Modem PPPoE vs OpenBSD PPPoE | ryoken | OpenBSD Security | 13 | 15th June 2008 10:07 PM |