[kwlug-disc] Rogers / DNS redux (?)
Andrew Kohlsmith (lists)
aklists at mixdown.ca
Sun Jan 18 19:35:14 EST 2009
On January 18, 2009 05:38:15 pm unsolicited wrote:
> Yes nonsuch, I've experienced the same situation for many months.
> Adjusting MTU does NOT fix it. Rogers injects RST packets on both
> sides of the connection. Get a copy of WireShark and you'll see it.
> After that dns lookups fail. This has nothing to do with the number of
> connections or data transfered. Just browsing websites is enough. This
> equipment from Narus, Roger bought is either junk or Rogers doesn't
> have it setup incorrectly. VERY frustrating!!!
I heard of a solution being where you just add an incoming firewall rule that
rejects RST packets. Yes that can cause some troubles of its own, but he
swears that over 400k of RST packets blocked, and his internet's never been
better.
iptables -I INPUT -i ethx -p tcp --tcp-flags rst rst -j DROP
should do it.
-A.
More information about the kwlug-disc
mailing list