On Sat, 28 Feb 2004, Henrik Nordstrom wrote:
> I wonder if it is a coincidence but most reports about odd connection
> reset or unreachable sites involve Cisco PIX one way or another..
probably not. they are notorious for breaking long-RFC'd protocols
(like EDNS), or requiring tuning in such cases.
if the PIX in question has 'fixup protocol http' in the config, i would
try the same tests after doing 'no fixup proto http'. the http fixup
doesn't really buy you much, unless you are using Cisco's Websense/URL
filtering thingie. most sites i've seen have fixup on, adding unnecessary
overhead, but are not really using the feature.
-m
Received on Sat Feb 28 2004 - 11:59:26 MST
This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:03 MST