Hi,
I'm trying to run a linux based router in a kvm on Proxmox VE 1.1. Ubuntu 8.04 server LTS is running as guest inside the kvm using two bridged ethernet interfaces (e1000, no virtio). Inside the kvm packets are routed between those interfaces (no firewall etc.). Everythings seems to work fine - ping is working, websites are reacheable and so on.
On certain websites (e.g. www.bmw.de, www.dilbert.com) though I'm experiencing a very strange behaviour. The websites don't load at all when they are accessed via the linux router - via a similar set up NAT/PAT firewall (also Ubuntu on kvm/proxmox) those sites load normal. The observed behavior of the router looks like some form of PMTU discovery issue often seen on PPPoE/L2TP connections (DSL). The kvm-firewall and the kvm-router share a gigabit ethernet uplink thus no MTU size issues should occur. If been tweaking around with sysctl parameters and MTU sizes (on host & guest) for a while but the problem persists. Any ideas, why an iptables firewall works perfectly on the same kvm setup and something as simple as a simple router fails?
Best regards,
AD
I'm trying to run a linux based router in a kvm on Proxmox VE 1.1. Ubuntu 8.04 server LTS is running as guest inside the kvm using two bridged ethernet interfaces (e1000, no virtio). Inside the kvm packets are routed between those interfaces (no firewall etc.). Everythings seems to work fine - ping is working, websites are reacheable and so on.
On certain websites (e.g. www.bmw.de, www.dilbert.com) though I'm experiencing a very strange behaviour. The websites don't load at all when they are accessed via the linux router - via a similar set up NAT/PAT firewall (also Ubuntu on kvm/proxmox) those sites load normal. The observed behavior of the router looks like some form of PMTU discovery issue often seen on PPPoE/L2TP connections (DSL). The kvm-firewall and the kvm-router share a gigabit ethernet uplink thus no MTU size issues should occur. If been tweaking around with sysctl parameters and MTU sizes (on host & guest) for a while but the problem persists. Any ideas, why an iptables firewall works perfectly on the same kvm setup and something as simple as a simple router fails?
Best regards,
AD
Last edited:
