On 2022-04-22, Laura Smith <n5d9xq3ti233xiyif...@protonmail.ch> wrote: > ------- Original Message ------- > On Friday, April 22nd, 2022 at 18:16, Peter J. Philipp > <p...@delphinusdns.org> wrote: > >> So that's weird becuase the 3-way handshake must have completed for nsd to >> reply a query. Meaning there was SYN's and ACK's being exchanged but perhaps >> a PUSH+ACK may not succeed through the pf rules? >> >> Don't post your firewall rules to the list, but study them :-) and correct >> them. > > > Thanks Peter. > > If I understand you correctly, I would need to be messing around with flags > a/b in my PF rules ? > > IIRC I'm not doing that, but I'll go and double check to be sure ! > > Laura
I think (though am not 100% sure) that there is a possibility this could happen if the client is extremely slow to respond and the PF state times out.
