Jan 29 13:52:56 www pppoe[1558]: Bad TCP checksum b519
Jan 29 15:03:01 www pppoe[1558]: Bad TCP checksum 50f9
Jan 29 15:24:16 www pppoe[1558]: Bad TCP checksum d799
...
此主機是用撥接方式來取得固定 IP 的模式
用 vim 檢視網路設定內容
[root at www.bestlong.idv.tw ~]# vim /etc/sysconfig/network-scripts/ifcfg-ppp0
內容如下
關於 pppoe 的連線狀態
[root at www.bestlong.idv.tw ~]# pppoe-status
pppoe-status: Link is up and running on interface ppp0
74: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 123.204.43.111 peer 123.204.43.1/32 scope global ppp0
[root at www.bestlong.idv.tw ~]#作者: bestlong 時間: 2012-2-3 15:53
Here is what i found (if it hasn't been found before):
1) solved by editing the pppoe.conf and setting "CLAMPMSS=no"
also, you need to use the internal CLAMPMSS of netfilter to compensate (if you don't already.):
$iptdir -t filter -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
2) the reason it (usually) happens is because you have the CLAMPMSS set to 1412 and you have also set netfilter to:
$iptdir -t filter -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
at the same time. choose one, preferably leave netfilter in place to avoid freezes at unexpected time.
3) The reason it happens is because you have short circuted the modem to the hub and the pppoe protocol or software have trouble keeping things in sync because of timeouts that were generated by the network collisions. the solution is to seperate the modem network from the home network so no collisions will happen.
however, the CLAMPMSS=no could also help since it can reduce overheads and thus lower timeouts (if any)though i didn't check that. other things can help like increasing timeouts, changing synchronization options but i didn't try them and it seems too much hassle, it would be cheaper by time/money to just buy another 30 nis ethernet card and be done with it.
因此我修改了我的系統( OS Linux webmail.tcc.edu.tw 2.6.9-78.0.8.ELsmp #1 SMP 2008 )