Author: Francesco Pasqualini Date: To: Edward St Pierre CC: exim users Subject: Re: [exim] incoming message lost
The mailserver is dual core Athlon with common ethernet (not shure the model
at this time, the server is located to a customer)The firewall is a Zyxel
Zywall 35.
but what are the problems if I leave tcp_window_scaling=0 ?
thanks
On Thu, Jan 29, 2009 at 5:06 PM, Edward St Pierre <edward.stpierre@??? > wrote: >
> 2009/1/29 Francesco Pasqualini <frapas@???>
>
> On Wed, Jan 28, 2009 at 5:37 PM, Brett Parker
>> <iDunno@???>wrote:
>>
>> > On 28 Jan 11:26, Francesco Pasqualini wrote:
>> > > net/ipv4/tcp_window_scaling=0
>> >
>> > If that fixes it it suggests that you're hitting a broken
>> > firewall/router on the way that doesn't pass on TCP/IP window scaling
>> > information and breaks it...
>>
>>
>> I agree !
>>
>> But I don't know what I have to fix at firewall level ?
>>
>> What are the tcp/udp port involved ?
>>
>> The exim4 is behind a firewall in a DMZ with private IP adress NAT (port
>> fowarding).
>>
>> Unfotunately we have only 1 public IP (the firewall one)
>>
>> Maybe I have to forward some port (ICMP ?? but then I cannot ping the
>> firewall) from the firewall to the mail server.
>>
>> What you think ?
>>
>>
> I have had these problems before but it was related to the firewall
> dropping packets where the window scaling was not 100% compliant. But I
> later found that the load balancer was padding the Ethernet frame but it was
> not the correct length.
>
> This was using a Fortigate with an NP2 accelerated NIC's and and Foundry
> Load Balancer.
>
> Just out of interest what is being used in your environment?
>
> --
> ESP
>