Hi,Willy,
Oh and BTW, are you running with PF ? I have some old memories of PF abusively randomizing sequence numbers and preventing new connections from being initiated using a same source port from the came client. It was so odd that I had to disable it on my home reverse-proxy running OpenBSD! That is easy to test, simply run "pfctl -d" to disable it and test again.
I have the similar trouble as John. But I used ipfw instead of pf, as of haproxy can not bind mss size on FreeBSD, maybe use pf's scrub rule is a good idea.
BTW, pf has a state named sloopy, it does not check sequence numbers. Regards Simon
