On 2016-02-12 14:07, Kristof Provost wrote:
On 12 Feb 2016, at 15:33, Larry Rosenman <l...@lerctr.org> wrote:
On 2016-02-12 08:31, Kristof Provost wrote:
On 12 Feb 2016, at 15:29, Larry Rosenman <l...@lerctr.org> wrote:
On 2016-02-12 08:13, Larry Rosenman wrote:
sysctl net.inet.tcp.rfc1323=0
makes it work
Shouldn't the stack do the right thing here? For the record, the
other side
is also FreeBSD (10.2-STABLE).
Yes, but it’s possible that there’s a problem with the pf scrubbing
of
the window scaling or timestamp options.
I have a vague recollection of having looked at that in the past.
Bug 172648 also claims there is/was an issue with checksums in that
case, but I’ve never been able to reproduce it.
Regards,
Kristof
Ok. Since I can reproduce this at will, and the 2 firewalls are
pfSense, how can I help?
I’ll still need to reproduce it locally to fix it, but it might be
interesting to know if the packet is dropped by the router, or sent
out again with an incorrect checksum.
Can you take a capture on the WAN interface and see if the TCP SYN
makes it out (if it does, I’d expect the checksum to be wrong) or not?
Regards,
Kristof
Will do tonight.
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
