Vlad Doubrov <vlad@vtx.ru> wrote: > > 09:39:25.563302 80.x.x.177.41280 > 62.x.x.217.http: . ack 5841 win 0 > 09:39:25.776159 62.x.x.217.http > 80.x.x.177.41280: . ack 109 win 5840 (DF) > 09:39:25.793513 80.x.x.177.41280 > 62.x.x.217.http: . ack 5841 win 0 > ..................... That's clearly a NOC spoofing proxy which improves performance over satellite, especially in the presence of non-congestive packet loss. > And this is the tunnel one: > > [root@ve0 root]# tcpdump -i tun0 -n port http > tcpdump: listening on tun0 > 09:12:15.383072 62.x.x.219.40761 > 62.x.x.217.http: S > 1487389279:1487389279(0) win 5840 <mss 1365,sackOK,timestamp 2435965 > 0,nop,wscale 0> (DF) > 09:12:15.383101 62.x.x.217.http > 62.x.x.219.40761: S > 3836440495:3836440495(0) ack 1487389280 win 5792 <mss 1460,sackOK,timestamp > 56497361 2435965,nop,wscale 0> (DF) This is too short. Please send me the complete dump privately or put it up on the web. > My end runs at linux 2.4.27. Server end runs the same system currently, but > I've tried another server wich I have access to, it runs linux 2.4.20 or so. OK, I suspect packet loss might be playing a role here. The complete dump should tell us what the problem is. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
