On Mon, 8 Mar 1999, Sascha Pollok wrote:
> here is a problem. I am sending a 2 MB mail to a friend
> @airbus.dasa.de (MX=193.96.150.2). This seems to be a firewall
> SMTP Server.
>
> In case Exim delivers this message I get a "Remote end closed
> connection after Data" or a "Broken pipe".
If the problem occurs right at the start of the mail, then it could be a
network problem with mishandling of large packets. Many emails are small and
thus appear to propagate correctly, but big emails will generate big IP
datagrams.
I have seen a problem when something in the middle of the network mishandles
large packets due to IP tunnelling. In a tunnelled link, your IP datagrams gets
wrapped in a larger datagram and sent over a network. This is how VPNs, and
some ISP's transit circuits work.
Since the datagrams going over the tunnel require a larger packet size, it
needs a bigger MTU in the network handling the tunnelled packets. However, MTUs
are often fixed, so the tunnel will try and fragment the packets.
If the systems outside the tunnel are using MTU path discovery, (most
Sun/Sparc/Solaris machines do by default), and thus set the DF (don't fragment
bit), then ICMP messages will be sent by the routers at the ends of the tunnel
to tell them to reduce their MTU, since the tunnel can't fragment the data, and
has to throw it away.
If this mechanism stops working, eg a firewall blocking ICMP, then you just
"lose" all full-sized datagrams for no apparent reason, and then the connection
times out.
You can test the link using pings of large packets and see what works:
host1% ping -s host2 2048
Try reducing the MTU on the hosts at each end, e.g.
host1% ifconfig le0 mtu 1300
Do you get the same problems if you try and access a web server at the same
location?
Paul
----
# You can wait for a bus-error all day and then three come along all at once #
--
*** Exim information can be found at
http://www.exim.org/ ***