Microsoft KB Archive/264883

{|
 * width="100%"|

Windows 2000 with Internet Connection Sharing or Network Address Translation Drops Packets

 * }

ID: Q264883

-

The information in this article applies to:


 * Microsoft Windows 2000 Professional
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-

SYMPTOMS
Client connections to resources that are made through a Windows 2000 host that is running Internet Connection Sharing (ICS) or Network Address Translation (NAT) may not work, but clients can ping the destination host.

CAUSE
This problem can occur if the Maximum Transmission Unit (MTU) for the public or shared interface is less than the MTU for the private interface. When ICS or NAT is enabled, the Windows 2000 host does not send an ICMP &quot;Destination Unreachable&quot; message with the error of &quot;Fragmentation needed and DF (Don't Fragment) set&quot; and the largest MTU it can handle. Therefore, the client computer never backs down its Maximum Segment Size and the Windows 2000 NAT server silently drops all packets that exceed the MTU size that is set on the public (shared) interface.

STATUS
Microsoft has confirmed this to be a problem in Microsoft Windows 2000.

Additional query words: fail fails

Keywords : kbenv kbnetwork

Version : WINDOWS:2000

Platform :

Issue type : kbprb

Technology : kbwin2kAdvSer kbwin2kAdvSerSearch kbwin2kS kbwin2kSSearch kbwin2kSearch kbwin2kProSearch kbwin2kPro