> I have a really weird problem with some of my servers, namely all the > ones running Centos5 > > When I try to download a file from the server to a machine outside our > Cisco 6500 router/firewall, the download hangs about half the times > (15 out of 40) when less than half a megabyte into the transfer > (varied from 76 kb to 496 kb). > > One server has a portchannel (Cisco speak for ethernet bundle), others > do not, some use e1000, some use broadcom, I've tried httpd and scp > transfers, I've tried from three different clients, > > Here's the really annoying part: the problem only occurs when > downloading from outside the firewall, not when transferring files > internally in the serverroom! And the switch is the firewall is a > modular chassis, so the data comes over the same backplane regardless. > > And there's 42 files in /proc/net/sys/ipv4 which differ between EL4 > and Centos5, so I'm a little lost here > > Anybody got some ideas? Just to state the obvious (well, obvious to me), which you don't seem to have mentioned above: The filtering part of the 6500 is dropping the traffic, and is dropping it because of something that Centos 5 is doing differently from EL4. I think there was a post to this list just last week about something similar; I don't have time to search the archive, but it is something to do with a TCP option/extension which is on in Centos 5, but can be turned off via a setting in /proc somewhere; the extension should be acceptable to all firewalls/routers (uses a previously unused few bits in the TCP header), but some decide it's not valid and drop packets/connections. Craig Miskell ======================================================================= Attention: The information contained in this message and/or attachments from AgResearch Limited is intended only for the persons or entities to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited by AgResearch Limited. If you have received this message in error, please notify the sender immediately. =======================================================================