On Wed, Jun 11, 2003 at 10:30:45AM +0100, Peter Galbavy wrote:
> 09:12:46.624222 213.155.153.61.39918 > 128.32.18.176.33113: . [tcp sum ok]
> ack 393217 win 62419 <nop,nop,sack 2 {451941:456081} {447889:449269} > (ttl
> 127, id 43371)
Hmm, SACK (RFC 2018, 1072).
I think normalization will ignore the related TCP options and leave them
intact. So does the sequence number tracking code, which might cause
problems. Right, Mike?
Can you enable debug logging (pfctl -x m, output in /var/log/messages) and
tcpdump an entire TCP connection (one that stalls). If you get state
mismatches, that is likely related to SACK. If you need a quick
workaround, you could disable SACK on that client.
Daniel
