If the work-around presented by this article is of interest, then also try my page on the real solution for Web-browsing problems using ICS with PPPoE.
 

 

 Original Source: Microsoft Knowledge Base Article 319661
 

Connectivity Problems on ICS Clients When You Use a PPPoE Connection on a Windows XP ICS Host

 
The information in this article applies to:

This article was previously published under Q319661

IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

   256986 Description of the Microsoft Windows Registry

 

SYMPTOMS

You might not be able to browse some Web sites or to send e-mail messages that contain attachments from an Internet Connection Sharing client computer if your outbound connection is through a Windows XP-based Internet Connection Sharing host computer that uses Point-to-Point Protocol over Ethernet (PPPoE).

 

CAUSE

This issue may occur if the Windows XP-based Internet Connection Sharing host computer uses a smaller Maximum Transmission Unit (MTU) size on the public interface (the PPPoE connection to the Internet) than it uses on the private interface (the Ethernet connection to the Internet Connection Sharing client). If a packet is larger than the MTU size on the public interface, the client sends an Internet Control Message Protocol (ICMP) error to the external server to request that the server negotiate the TCP Maximum Segment Size (MSS). However, this message may be blocked by some firewalls. When this occurs, the packet is dropped.

 

RESOLUTION

To resolve this problem, install Windows XP Service Pack 1 (SP1) on your Internet Connection Sharing host computer. Internet Connection Sharing has been updated in Windows XP SP1 to work around this issue by using a process that is named MSS clamping. MSS clamping causes Internet Connection Sharing to set the MSS value low enough to match the external interface.

 

WORKAROUND

WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
 
To temporarily work around this problem, lower the MTU size on the internal Internet Connection Sharing client computers to 1490.
 
NOTE: Use this temporary workaround only in cases in which a Windows XP-based computer is both an Internet Connection Sharing host (or gateway) and is connected to the Internet by using PPPoE.
 
To modify the MTU on the internal Internet Connection Sharing client computers, follow these steps.
 
To Identify the correct MTU size:

  1. Start a command prompt, and then use the Ipconfig utility to determine the default gateway of the Internet Connection Sharing server.
     
  2. At a command prompt on a client, type the following line, and then press ENTER:
     
     ping -f -l MTU_size default_gateway_IP_address
     
     Start with an MTU size of 1,490.
     
  3. If you receive an error message that indicates that the message must be fragmented, repeat step 2 by using a smaller MTU size. Repeat this process until the ping command succeeds.

After you determine the largest supported MTU size, follow these steps to manually set the MTU on the Internet Connection Sharing client computer or computers:

  1. Click Start, point to Control Panel, point to Network and Internet Connections, and then click the Network Connections folder.
     
  2. If the Network Connections folder contains more than one network connection, check the IP address for each network connection to determine which is the Internet connection.
     
     To check the IP address for a network connection, double-click the Network Connection icon, click the Support tab, and then note the IP address.
     
     The connection with an IP address that starts with 192.168 is the Internet network connection. Note the name of the Internet connection (for example, "Local Area Connection 2").
     
  3. Start Registry Editor.
     
  4. Locate and then click the following key in the registry, where AdapterIDNumber is a hexadecimal number:
     
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{AdapterIDNumber}\Connection
     
  5. In the Connection key, check the Name value to determine if it matches the name of the Internet connection that you found in step 2.
     
     If the Name value matches the name of the Internet connection, note the name of the {AdapterIDNumber} key.
     
     If the Name value does not match the name of the Internet connection, repeat this step to check the Name value in the next {AdapterIDNumber}\Connection key in the registry.
     
  6. Locate and then click the following key in the registry, where AdapterIDNumber is the hexadecimal ID number of the Internet connection that you noted in step 5:
     
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Interfaces\{AdapterIDNumber}
     
  7. On the Edit menu, click Add Value, and then add the following registry value, where MaxMTUSize is the maximum supported MTU size that you discovered earlier in the Ping tests:
     
     Value name: MTU
    Data type: REG_DWORD
    Radix: Decimal
    Value data: MaxMTUSize
     
  8. Quit Registry Editor.

NOTE: If you still experience problems when you visit some Web sites, you may have to change the MTU value setting to a lower number. Reduce the MTU value setting in increments of 10 until the issue is resolved.

For additional information about how to manually set the MTU size, click the following article number to view the article in the Microsoft Knowledge Base:

   314053 TCP/IP and NBT Configuration Parameters for Windows XP

PPPoE is described in Request for Comments (RFC) document 2516. Currently, some digital subscriber line (DSL) service providers use PPPoE to maintain the familiar "dial-up" experience for users who use a DSL modem to connect to the Internet.

 

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows XP Service Pack 1.

 

MORE INFORMATION

On Windows XP, PPPoE connections use a Maximum Transmission Unit (MTU) size of 1,490 to account for the additional PPP header information that is transmitted over the Ethernet network. Because the TCP MSS is negotiated during the TCP handshake by the two end systems, the end systems may set an MSS that is based on a local link MTU of 1,500 if both systems are connected to Ethernet networks. If the Internet Connection Sharing host cannot pass the traffic to and from the internal Internet Connection Sharing client because the packet is too large, the Internet Connection Sharing computer sends the appropriate ICMP message that states that fragmentation is required and that the "Don't Fragment" bit was set. The Windows XP-based Internet Connection Sharing host also includes the MTU size of the PPPoE link; the recipient of the ICMP message can initiate a renegotiation of the MSS. This process fixes the problem and is transparent to users.

The problem that is described in this article occurs when the external host blocks ICMP messages. In practice, this is typically a Web server that blocks ICMP messages at the firewall. If the internal Internet Connection Sharing client sends only small requests (such as HTTP requests), the client's packets may never become large enough to have to be fragmented by Internet Connection Sharing. However, the Web server may send back a large file or image that fills a single or multiple packets to capacity. Internet Connection Sharing sends the appropriate ICMP "fragmentation required" message back to the Web server. If this message never reaches the Web server (because it is blocked by a firewall), the Web server does not become aware that the session MSS must be renegotiated. Unless the external server is using PMTU Black Hole Router discovery (by default, this is disabled in Microsoft Windows 2000), the data never reaches the internal Internet Connection Sharing client.

 
Last Reviewed: 3/6/2003
 
 Original Source: Microsoft Knowledge Base Article 319661

 

 

Michael O'Neill, who brought Article 319661 to my attention, also provided the following observation about using the workaround this article provides, when the client system is running Windows ME:

"The MSDN article has an error in the identification of the registry key mentioned in step 6 of the procedure.

Instead of
 
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Interfaces\{AdapterIDNumber}
 
 the key should read
 
 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AdapterIDNumber}

(Note that the article is missing 'Parameters')"

 See Also: Setting the MTU on Client Systems  
 

 

[ChangeDetection.com]TM
Monitor this Webpage
 E-mail the Webmaster
Page Content Updated: March 28, 2003