On 2016-01-21, Steve Shockley <[email protected]> wrote: > A while back [1], I posted a question asking about timeout issues using > Openup (or any transfers really) to work through a Websense proxy. > Later, I had problems with Smokeping on OpenBSD showing ~50% packet loss > going through the proxy. After far too long staring at debug logs and > packet traces, it turned out that the proxy OS (CentOS) simply wasn't > passing the traffic through to the proxy. > > I found a description of a similar problem on Server Fault [2]. It > turned out OpenBSD was sending two SYN packets with timestamps (which > were dropped by CentOS), then sending a SYN without a timestamp (which > was successful). Setting sysctl net.ipv4.tcp_timestamps=0 on the CentOS > proxy worked around the problem. > > So, what went wrong here? Was the OpenBSD timestamp "too random" for > CentOS 6.7? Or is there some other issue, and I'm just masking it by > disabling timestamps?
Removing timestamps will kill performance unless it's on a slow line. It gives a good clue though - try this (on the centos box) instead: http://stackoverflow.com/questions/8893888/dropping-of-connections-with-tcp-tw-recycle
