[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-pf
Subject:    Re: ECN congestion with SSL and SSH
From:       Serge Basterot <sb () wo-do ! com>
Date:       2007-10-04 15:41:41
Message-ID: 20071004154141.GA24967 () 10349-1 ! bsws ! de
[Download RAW message or body]

On Thu, Oct 04, 2007 at 10:22:29AM +0200, Serge Basterot wrote:
> On Tue, Oct 02, 2007 at 09:27:47AM -0500, Karl O. Pinc wrote:
> > 
> > On 10/02/2007 08:37:22 AM, Serge Basterot wrote:
> > >Hello list,
> > >
> > >I have a problem with a soekris 4801 machine. Outgoing SSL and SSH
> > >connections are impossible with it.

[...]

In fact I succeed with ssh from the lan. It appears that it's
impossible to do any tcp connection from the router itself (I can't
even do a ssh on the external interface). When the router receive an
ack, this is like it doesn't take it in count and resend the initial
syn packet until the timeout.

I have another machine elsewhere with a similar pf setup and it works
well there.

> I would like to do something with pf that's why I did a simple altq
> setup with priq, but perhaps there are others possibilities I didn't
> see (or know) to solve this problem.

Now I don't know if it is related to pf. If it's not the case, sorry
for the noise.

-- 
Serge
[prev in list] [next in list] [prev in thread] [next in thread]