> On 12 Feb 2016, at 15:33, Larry Rosenman <l...@lerctr.org> wrote:
> On 2016-02-12 08:31, Kristof Provost wrote:
>>> On 12 Feb 2016, at 15:29, Larry Rosenman <l...@lerctr.org> wrote:
>>> On 2016-02-12 08:13, Larry Rosenman wrote:
>>>> sysctl net.inet.tcp.rfc1323=0
>>>> makes it work
>>> Shouldn't the stack do the right thing here?  For the record, the other side
>>> is also FreeBSD (10.2-STABLE).
>> Yes, but it’s possible that there’s a problem with the pf scrubbing of
>> the window scaling or timestamp options.
>> I have a vague recollection of having looked at that in the past.
>> Bug 172648 also claims there is/was an issue with checksums in that
>> case, but I’ve never been able to reproduce it.
>> Regards,
>> Kristof
> Ok.  Since I can reproduce this at will, and the 2 firewalls are pfSense, how 
> can I help?

I’ll still need to reproduce it locally to fix it, but it might be interesting 
to know if the packet is dropped by the router, or sent out again with an 
incorrect checksum.
Can you take a capture on the WAN interface and see if the TCP SYN makes it out 
(if it does, I’d expect the checksum to be wrong) or not?

freebsd-current@freebsd.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Reply via email to