Re: FRS Only replicates on inbound connection, no changes go out.

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

In news:UumOe.83933$Fd1.56828@xxxxxxxxxxxxxxxxxxxxxx,
Mike Drechsler - SPAM PROTECTED EMAIL
<mike-newsgroup@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> made this post, which I then
commented about below:
> MTU of the ethernet interfaces on the routers is 1500
> MTU of the IPSEC tunnels is 1444
> It is an ADSL connection but does not use PPPoE.
> The best way to test MTU to my knowledge is using ping with the do not
> fragment flag set (-f on command line). It should report success for
> packet sizes smaller than the MTU (minus size of packet headers) until
> you hit the MTU where it should start to warn you that it could not
> send the packet because the DF bit was set. I get this behaviour
> from both sides of the link. Before changing the MTU setting of the
> tunnel like you suggested, there was a point where I was getting
> "request timed out" for packet sizes above 1444 when the DF bit was
> set on the ping packet. The tunnel MTU was previously set to 1723
> before I changed it. Windows automatic path MTU detection may have been
> working, because
> pings without the DF flag would work at the larger packet sizes
> before I made that change. Replication behaviour did not change as a
> result of fixing the MTU setting for the tunnel.
>
>
> ipconfig /all for main server:
>
> Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : mainsrv
> Primary DNS Suffix . . . . . . . : domain.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : domain.local
>
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : Compaq NC3163 Fast Ethernet NIC
> Physical Address. . . . . . . . . : 00-50-8B-CB-5F-11
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.0.88
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.0.2
> DNS Servers . . . . . . . . . . . : 127.0.0.1
> 192.168.42.155
> Primary WINS Server . . . . . . . : 192.168.0.88
>
> ipconfig /all for remote server:
>
> Windows 2000 IP Configuration
>
> Host Name . . . . . . . . . . . . : remotesrv
> Primary DNS Suffix . . . . . . . : domain.local
> Node Type . . . . . . . . . . . . : Hybrid
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
> DNS Suffix Search List. . . . . . : domain.local
>
> Ethernet adapter Local Area Connection:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX
> NIC (3C905B-TX)
> Physical Address. . . . . . . . . : 00-50-04-F4-13-BB
> DHCP Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 192.168.42.155
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 192.168.42.1
> DNS Servers . . . . . . . . . . . : 127.0.0.1
> 192.168.0.88
> Primary WINS Server . . . . . . . : 192.168.42.155
> Secondary WINS Server . . . . . . : 192.168.0.88

It's recommended to change the local loopback to the actual IP address of
the server.

As for the MTU, you are correct on how to test it. I'm somewhat surprised
the VPN is set to that low of an MTU of 1444. You said the VPN tunnel was
set to 1723? That sounds like a port number, rather than an MTU? Max MTUs is
1500 for TCP/IP. Max Transmit Unit or packet size, is what it refers to,
which is 1500 for TCP/IP. So I am a little confused on the 1723 part. All in
all, if the MTU is lower than 1500, LDAP communication fails.

Anyway, back to the ADSL connection. If it is not PPPoE, is it a routed
connection, such as what SDSL uses or T1? What ISP is it. I've seen
replication issues with any sort of ADSL. ADSL requires an 8byte overhead
for data transmission. By default, the router you are using will drop it to
1492 for ADSL to work.

Ace






.

Relevant Pages

  • Re: Access Windows 2000 shares over tunnel
    ... > conclusion that this must be a transport (i.e. packet flow) problem. ... the MTU to 1500 resulting in fragments. ... I believe that if the client is on a dial-up connection, ...
    (comp.unix.bsd.freebsd.misc)
  • Re: If router MTU > Mac MTU, then ?
    ... MTU in my router at N, ... If a packet of size M travels from my Mac to ... aka tunnel or dialer, the packets have to be encapsulated to go up and down ...
    (comp.sys.mac.misc)
  • Re: Determine when a socket has been closed?
    ... I thought that the MTU was the issue... ... Secondly for stream based connection recv() returns as soon as ... Do not expect that if you send one application packet from one sender end ...
    (microsoft.public.win32.programmer.networks)
  • Re: Router fails with Zen Internet
    ... connected to an ADSL service provide by Demon or Plusnet. ... I think this may well be a packet size issue. ... Changing MTU size in the router makes no difference. ... Connection to pop.123-reg.co.uk...Could not open your connection to the ...
    (uk.telecom.broadband)
  • Re: If router MTU > Mac MTU, then ?
    ... MTU in my router at N, ... If a packet of size M travels from my Mac to ... aka tunnel or dialer, the packets have to be encapsulated to go up and down ...
    (comp.sys.mac.misc)