OK, so I found the solution, or at least a workaround to my bigger issue. It seems that the issues disappear when I check the "Clear invalid DF bits instead of dropping the packets" checkbox under System: Advanced: Firewall and NAT.
This gave me reason to scour through my old m0n0wall config, and low and behold, there is a shell command setting the WAN MTU lower than 1500. I don't understand why, because cable shouldn't be introducing any additional overhead. Maybe there's an issue with the ISP's equipment? I guess I will allow the fragmented packets for now... Thanks, Jiom
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
