Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 252
  • Last Modified:

XP & ICS .. Strange failure.

My home internet gateway duel-boots WindowsXP and Linux. When running linux it uses iptables to perform NAT on the rest of the network (running Win98, Win2k, Linux, WinXP)  and everything works as expected. I can use redirection to allow public access to servers on the private network, the local systems can get access to internet services, etc.

The Internet connection uses one ethernet connection for pppoe and the local network.

When the gateway is running XP however the private network can only access some of the internet. In other words web browsers on the local network can load pages from some web sites but not others. When running the browser on the gateway every thing seems to work. It does not matter what OS or browser (IE, Netscape, Konqueror, Mozila) Im using. The sites that will not load can be resolved through DNS. If I can ping a site, I can load it. The some pages will load partially then stall, others wont load at all.

When I re-boot the gateway with linux the workstations will work, I dont have to re-boot, logoff or anything.. they just start working.

Re-boot to XP, and they stop working. Always the same URLs fail. ex. my.netscape.com will not load, www.netscape.com will load partially, dictionary.com,  www.symantec.com, google.com will load.
There does not seem to be any pattern of domains or IP addresses that will or will not load. As I said, all hostnames resolve to the correct IP addresses.
I even went so far as to run Ethereal on the gateway and watch the IP traffic. You can see the workstations making normal requests for connections and the hosts replying with ACK then the connection just dies. I looks like XP never forwards the  ACK to the workstation. Suppose I could run Ethereal on the workstation to verify.

Other clients, pop, telnet, imap seem to work form the clients, although Ive only tried them with a few destinations.

I've tried disabling/re-enabling ICS, now what?


1 Solution
DSL connection?
change MTU on client
use drtcp to change the MTU settings
drtcp (free)
kinseyAuthor Commented:
You pointed me in the right direction.

The article had an error in it. On my machine the key had to change was:


and Set it to 1472


Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now