NAT and ISP problem

From: Giacomo (jacum_at_libero.it)
Date: 08/31/05 

Date: Wed, 31 Aug 2005 11:53:07 GMT

Good morning, I'm Giacomo Strangolino from Italy.

I posted some days ago a problema about NAT and Internet Service Provider
problems:

I finished developing an ipv4 forewall with NAT/MASQUERADING and have been
testing it
for some time with success connecting from home to my ISP named "libero".

Then i changed ISP to another one, called "telecom" and with great surprise
i discovered that
images from sites and also sites failed to load.

So now, when i call an ISP all works fine, when i call the other, things go
wrong.

I NAT machines behind my firewall changing only ips and ports, and
recalculating checksum (ip and tcp/udp)
to adjust such changes.
I do not touch any other field as window size or seq number or ack, since
the only things i manipulate are
addresses and ports.

I was wondering what i could do to solve, since iptables and ipfw+natd on
freeBSD or winXP sp2 work fine
with this ISP...

Tweaking with ethereal i found that probably sometimes a tcp segment gets
lost.

 * Thanks to news help, i tried to lower MTU and to disable ECN, but the
problem persists. *

My firewall is a 2.6.12 kernel module which registers with netfilter hooks.
A userspace program sends rules to
kernel via netlink.

I thank anyone who could help me find the way to fix the problem or
understand what could be wrong with an
ISP network and anyway work fine with the other.

Thanks a lot

Giacomo S. Udine, Italy

Relevant Pages

  • NAT and ISP problem: lowering mtu and disabling ECN did not solve
    ... I'm Giacomo Strangolino from Italy. ... I posted some days ago a problema about NAT and Internet Service Provider ... Then i changed ISP to another one, called "telecom" and with great surprise ... My firewall is a 2.6.12 kernel module which registers with netfilter hooks. ...
    (comp.os.linux.networking)
  • nat and isp problem: lowering mtu and disabling ecn did not help
    ... I'm Giacomo Strangolino from Italy. ... I posted some days ago a problema about NAT and Internet Service Provider ... Then i changed ISP to another one, called "telecom" and with great surprise ... My firewall is a 2.6.12 kernel module which registers with netfilter hooks. ...
    (comp.os.linux.development.system)
  • NAT and ISP problem on IP firewall project
    ... I'm Giacomo Strangolino from Italy. ... I posted some days ago a problema about NAT and Internet Service Provider ... Then i changed ISP to another one, called "telecom" and with great surprise ... My firewall is a 2.6.12 kernel module which registers with netfilter hooks. ...
    (comp.os.linux.development.system)
  • help about nat and internet service provider problem!! (kernel module)
    ... I'm Giacomo Strangolino from Italy. ... Then i changed ISP to another one, called "telecom" and with great surprise ... lost (I attach ethereal output too). ... My firewall is a 2.6.12 kernel module which registers with netfilter hooks. ...
    (comp.os.linux.networking)
  • Re: DSL with User PPP and Static IP
    ... I have implemented all the changes including disabling the IPFW firewall ... set log phase chat connect lcp ipcp command ... > Your rc.conf is all wrong, you are doing the nat process in both ... > set authname YOURLOGINNAME # Replace with your ISP account IP ...
    (freebsd-questions)