I’ve recently moved from an analog leased line to ADSL at home and during the switch moved my firewall/router from FreeBSD 5.2.1 to NetBSD 2.0. My primary reason for switching is pragmatic rather than religious – I have a fair number of Suns that run NetBSD and I’m trying to reduce the number of different OSs I have running at home.

After I got pppoe working, I experienced intermittent problems accessing various websites (some of the problem children were groups.yahoo.com and ABSA Direct). After much digging (and initially blaming Squid), I found the solution on the pppoe(4) manpage:

   MSS/MTU problems
     If you are using a pppoe interface, you will have an unusually low MTU
     for todays Internet.  Combined with a lot of misconfigured sites (host
     using path MTU discovery behind a router blocking all ICMP traffic) this
     will often cause problems.  Connections to these servers will only work
     if your system advertises the right MSS in the TCP three way handshake.
     To get the right MSS, you need to set
           # Obey interface MTUs when calculating MSS
           net.inet.tcp.mss_ifmtu=1
     in your /etc/sysctl.conf file.  This causes the calculated MSS to be
     based on the MTU of the interface via which the packet is sent.  This is
     always the right value if you are sure the answer to this packet will be
     received on the same interface (i.e., you only have one interface con-
     nected to the Internet.)

Sheesh, after much cursing and fiddling with Squid, it was something as simple as that!