PPPoE gateway IptablesMTU strange problem

PPPoE gateway IptablesMTU-Linux Enterprise Application-Linux server application information. Problem description
When Iptables is used as the SNAT gateway, it finds that some PCs cannot normally access some sites, as the browser can parse the site, some open sites, and then times out.

Cause
The MTU of the PPPoE connection of ADSL is 1492, while the default MTU of Widows and Linux is 1500. When the browser sends a request to the WEB server, the MSS is required to be 1460, some sites have blocked ICMP3/4 access or disabled the PMTUD protocol, resulting in the MSS value being 1460. When the package returned by the WEB server is less than 1452, the client can normally accept data, if the number exceeds 1452, data cannot be obtained.

Solution
1. Use ping to find your max mtu Size
Ping-l mtu_size-28-f your_gateway
The Packet needs to be fragmented but DF set error message is not received from 1500. 28 is the byte used by the IP address and ICMP protocol. Generally, PPPoE is 1492.

2. Adjust the MTU of the PC

Windows 2000/XP

Registry: HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services TcpipParameters Interfaces, and (Edit-> New-> DWORD Value), and name the value MTU.
Double-click the new value, choose the Decimal option, and type the MTU value determined above. Restart.

Windows 98

Registry: HKEY_LOCAL_MACHINE System CurrentControlSet Services ClassNet adds the MaxMTU string entry,

Linux
Ifconfig interface mtu mtu_size

3. Adjust the Gateway

Iptables

Add Rules:

Iptables-o ppp_interface-I FORWARD 1-p tcp -- tcp-flags SYN, RST SYN-m tcpmss -- mss 1400: 1536-j TCPMSS -- clamp-mss-to-pmtu
The size of the outbound package is changed to the MTU size of pppx.

Or clamp mss size in pppoe
RedHat Modify/etc/sysconfig/networking-script/ifcfg-ppp0
Clampm Ss = 1452

Debian
Modify/etc/ppp/peers/dsl-provider
Add
Pty "/usr/sbin/pppoe-I eth1-T 80-m 1452
Comment out plugin, The rp-pppoe.so seems to have a bug