As it turns out, the problem goes away if I use old-fashioned iptables, that is, without connection tracking. Go figure!
The take-home lesson is: do not use connection-tracking iptables behind a Cisco FireWall Service Module.
Is this just to be accepted as canon, or can somebody actually explain to me WHY?
best regards, Bent
On 10/8/07, Bent Terp <bent@nagstrup.dk> wrote:
The only thing which shows up is that the client starts sending duplicate ACKs, getting "Destination unreachable" as reply from the server (not from the Cisco). This happened 220 KB into the transfer in this case, but that figure varies quite a bit.