Links

• km0ti0n.blunted.co.uk

Recent Changes

• /linux/setup/index
• /linux/xen/xen-howto-ubunty-jaunty/index
• /linux/xen/index
• /linux/index
• /cast/iron/guttering/cast-iron-guttering
• /symantic-web/foaf
• /css/opacity/index
• /usenet/howto/index
• /Goolge/IG/DomLookup/index
• /pendrive/index
• /linux/quickref/index
• /home
• /linux/sabayon/index
• /win/server/MTU
• /EventManagment/index
• /win/win32_ssh_unix_utils
• /linux/IEs4Linux
• /css/CSS-Targeting-IE7
• /pixel/index
• /photography/index
• /js/dragdrop/index
• /js/Index
• /js/mozXPath/index
• /links/index
• /css/rollovers
• /linux/links
• /about/index
• /js/examples/Selects Value
• /litestep/index
• /sharpe/index
• /js/examples/ComNum
• /js/Printing/index
• /Google/IG/Index
• /links/Property
• /OSX-Vmware/index
• /EventFactoring/index
• /js/ProperDOM/index
• /js/examples/PropperDOM
• /js/ajax/index
• /Contact
• /js/DefaultArgs/index
• /js/examples/toCapatalize
• /js/ObjFactory/Index
• /js/examples/DynamicImage
• /js/examples/Select's Value
• /contact

MTU

Setting Windows MTU for a NIC / Network Card

**UPDATE** And Vista too!

Recently I was having some difficulty accessing some web servers that sat behind a firewall. It wasn't until I had the problem with one of my own servers that I started to investigate.

After a period of of modifying the Firewall (Sonicwall), upgrading the firmware. I eventually found a common cause. The firewall was rejecting on the basis of a "Probable/Possible NULL port scan".

Now, I was 100% positive that no such scan was happening. I decided to run a sniffer of another server to test to data transfer. It appeared that any situation where a proportion of data is sent to the server the packets were being fragmented.

Looking at the firewall's log each any every time a request was refused on the NULL port scan basis the preceding packet was the first part of a fragment. The sonicwall was dropping the first fragment and the second was, for some reason, making the firewall freak and lock out/drop the connection.

I'm no network technician, but I knew that the MTU was set wrong somewhere. The DSL router (Vigor) was set at the low 1400's, 1452 IIRC. And then I look at the MTU of the linux units these are all set to 1500 and then test the Windows units these too appear to be 1500

// Test fragment size with ping
ping www.google.com -f -l 1500

As with most things, changing the linux setting of all the 4 NIC's wasn't too hard

/sbin/ifconfig [interface] mtu [value]

Setting the value on windows wasn't as easy to figure out. Searches on MSDN and google kept directing me to the VPN/PPP configurations. I knew i really needed to alter the NIC/Network Cards value. Eventually I found the right MSDN article / Reference

TCP/IP and NBT configuration parameters for Windows XP

It works for 2k3 server too, which is the environment I was testing with. In the end all I need to do was Add a decimal value to a DWORD key called MTU to the Key :

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\INTERFACE_GUID

Getting the right GUID for the interface wasn;t necessary, I use fixed IPs and the whole of the ip configuration is listed at this point. And, infact, I think I'd rather use this RegKey to maintain the NIC in future, seams more flexible and logical.