[4570] in linux-net channel archive
Re: IP Masquerading: No good for FTP?
daemon@ATHENA.MIT.EDU (rsteffen@ia.net)
Sun Sep 29 19:43:27 1996
From: rsteffen@ia.net
To: ggoebel@ggoebel.sound.net (RHS Linux User)
Date: Sat, 28 Sep 1996 10:03:57 -0500 (CDT)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <Pine.LNX.3.95.960927083543.3064A-100000@ggoebel.sound.net> from "RHS Linux User" at Sep 27, 96 08:44:07 am
> I don't know about any of you, but I've been using IP Masquerading for
> about 4-6 months, and through many kernels, many ipfwadm and masquerading
> revisions, I have yet to be able to complete and actual ftp download.
>
> Yes I'm using always defrag packets... Once in a blue moon the ftp
> download will complete, but I can't execute or extract what I downloaded.
> Usually it all just hangs at 99% complete.
FTP uses two tcp connections, one for command and one for data. When
transfering data, the command channel is idle. If idle too long, the
IP Masquerade code will time it out, the symtoms you describe sound like that
is the case. You need to crank up the time out value for tcp connections
with "ipfw -M -s x 0 0", where "x" is the number of seconds you want for
the timeout (Hint: make it much bigger than it is now).
Russ
--
+-------------------------------------------------------+
| Russ Steffen |
| EMail: rsteffen@ia.net |
+-------------------------------------------------------+
