Most likely those firewalls can't handle extended TCP options or they
are connected via a router with broken VJ header compression. Try
turning them off with:
for i in tcp_timestamps tcp_sack tcp_window_scaling ; do
echo 0 >/proc/sys/net/ipv4/$i
done
Those host will have problem with most new TCP stacks though.
Another possible explanation would be if they block all of ICMP, there
is a MTU <your interface MTU somewhere on the path and you
compiled your 2.0.36 without path mtu discovery. In this case you could
turn it off via /proc/sys/net/ipv4/ip_no_pmtu_disc, but I would recommend
against it. Not using path mtu discovery adds a significant cost to the
network.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/