<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.10.1">
</HEAD>
<BODY>
On Wed, 2006-07-05 at 19:06 +0200, Roberto Ragusa wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">Chris Linton-Ford wrote:</FONT>
<FONT COLOR="#000000">> Hi Roberto,</FONT>
<FONT COLOR="#000000">> </FONT>
<FONT COLOR="#000000">> Changing the MTU size didn't help, but disabling tcp_window_scaling did</FONT>
<FONT COLOR="#000000">> the trick. Having looked around various groups, it sounds like this is a</FONT>
<FONT COLOR="#000000">> problem with the 2.6.17-1.2139 kernel; is it a better idea for me to</FONT>
<FONT COLOR="#000000">> permanently disable window scaling on our machines or wait until a fix</FONT>
<FONT COLOR="#000000">> comes out for the kernel? Is window scaling a Good Thing?</FONT>
<FONT COLOR="#000000">I think the fix is needed on your OpenBSD firewall, according to this:</FONT>
<FONT COLOR="#000000"> <A HREF="http://kerneltrap.org/node/6723">http://kerneltrap.org/node/6723</A></FONT>
<FONT COLOR="#000000">David Miller: "Window scaling has been standardized and around for 14</FONT>
<FONT COLOR="#000000">years, RFC1323 was published in May of 1992. How much longer can we wait</FONT>
<FONT COLOR="#000000">or it to be deployed properly? :-)"</FONT>
<FONT COLOR="#000000">Window scaling is a good thing, because it improves speed on fast</FONT>
<FONT COLOR="#000000">connections to distant sites; the problem is that if an intermediate</FONT>
<FONT COLOR="#000000">node is buggy there are problems.</FONT>
<FONT COLOR="#000000">The same thing happened for ECN.</FONT>
<FONT COLOR="#000000">Best regards.</FONT>
<FONT COLOR="#000000">-- </FONT>
<FONT COLOR="#000000"> Roberto Ragusa mail at robertoragusa.it</FONT>
</PRE>
</BLOCKQUOTE>
<BR>
I'll have a play around with the settings on the firewall, but it seems to be more likely to be something in between, as it happens with very few websites. On the other hand, I've been stung in the past by OpenBSD's overzealousness.<BR>
<BR>
Thanks again for your help,<BR>
<BR>
Chris
</BODY>
</HTML>