On Tue, 14 Nov 2006, Marc Peters wrote:
> > What I wanted to say: notice how failinghost shrinks the TCP window to just
> > 46 bytes ("win 46"). That's not enough to fit the long path of the
> > directory change, so that stays in the network buffers of the firewall
> > waiting for failinghost to send an ACK with a bigger window size ("opening
> > up the window").
> >
> > Looks like failinghost is responsible for the stalled TCP connection.
>
> but i wonder, why it is working from the firewall-host (without proxy), from a
> host in the dmz or if i bypass ftp-proxy from the internal lan.
Yes, I wonder about that as well.
Can you tcpdump those working connections to failinghost?
