Thanks for the suggestion. I assume you mean in the SonicWall? I tried the Sonic with the fragmenting turned off (and on at 1500)
But then this is probably more likely to be an issue in my router, not the firewall...?
My ISP does not give access to the router, if this could be an issue I will push it with them.
Maybe it's more likely that the server/router/firewall at house.gov is the culprit?
Additional info: I initated most test connections with a telnet conneciton to port 80. My packets were under MTU. In looking at the packet captures, the return packets (where failure occurs) of a successful connection is under MTU (see packet captures). So I think MTU can be ruled out, but that's a little out of my area of expertise...
Any chance that the server at house.gov is having issues with NAT source addresses?
Bewildered,
Jeff Johnson
On Tuesday, November 11, 2003, at 02:10PM, David Kuder <david.kuder@xxxxxxxxxx> wrote:
>My fifteen second analysis is to double check "do not fragment" bits and
>MTU. For "performance" some webservers set DNF and send big packets.
>They get dropped at links with smaller MTU.
>
>