[nSLUG] Linux router/firewall and Kernel bug impacting "slowness" and non-connects

D G Teed donald.teed at gmail.com
Sun Jul 27 17:03:30 ADT 2014


I've been working on this problem for several days, which first
appeared around July 13.  One of the manifestations was certain
systems on the home LAN would fail the "Check for updates"
from MS WIndows.  Windows activation and Genuine Check
also failed consistently.

When I found use of a VPN on the Win box
to another network worked around the problem
I looked at the firewall.

tcpdump run on the firewall during a Windows Genuine check was a simple
thing to get a few packets on, and it showed errors like:

15:40:21.957601 IP clark.localdomain.domain >
scarlet.localdomain.domain: ICMP co2.sls.microsoft.com unreachable -
need to frag (mtu 1500), length 556

Eventually I found this Debian bug report:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754294

I've used the workaround

ethtool -K eth0 gro off

on the router and now the router/firewall works well again.

Debian bug report says the fixed kernel will appear soon.

Sharing this here in case there are other Linux router
users impacted by odd network errors in recent days.


More information about the nSLUG mailing list