> > tags 407735 wontfix > severity 407735 minor > thanks >
I've been googling about this problem. It could be a problem with the way many routers around the world are configured, yet only manifests with particular Linux kernel versions. It may be that many network admins need to change their configuration, but this would be a political issue, not something end-users should be forced to bear the brunt of. Once again, this problem has nothing to do with my local hardware, and occurs consistently with the same exact sites on the Internet (one example: slashdot.org). Doing echo "0" > /proc/sys/net/ipv4/tcp_window_scaling fixes the issue completely. http://en.opensuse.org/SDB:Problem_with_establishing_TCP/IP_connection_in_openSUSE_10.2 http://www.mail-archive.com/[email protected]/msg09314.html http://www.penlug.org/twiki/bin/view/Main/CiscoVpn "The recent 2.6.7 kernel's TCP changes are only exposing a pre-existing problem with a large number of poor/broken firewall implementations. These are clueless firewall implementations that strip or alter the TCP options. When the options are modified, TCP gets busted. The reason this matters now, is that when the linux kernel proposes a new window scaling, it quite sensibly expects that the other side will receive the same initial SYN request that it actually sent. If there is a clueless firewall in the middle that corrupts or strips it, then the window we send is not correctly scaled, and the result is that the other side thinks that there is not really enough space to send. The current proliferation of these clueless firewall implementations resulted in a proposal on the linux kernel mailing list by Stephen Hemminger, where he proposes a patch that will avoid sending window scaling that is big enough to break in these cases unless the tcp_rmem has already been increased. The aim is to keep the default configuration from blowing in a corrupt world. For more details on the lively ensuing discussion of Stephen's patch, search for the following string in the archive pages listed below: "[PATCH] fix tcp_default_win_scale." See the Jul 1 to Jul 7, 2004 lkml archives. Also the Jul 8 to Jul 15, 2004 lkml archives There's also an entertaining explanation from James Janssen, a Gentoo user, here. " -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
