Once upon a time, Nicholas Miell nmiell@comcast.net said:
IIRC, 2.6.17 had some changes to TCP window scaling which breaks on some stupid NAT/firewall/load balancing appliances. (And some versions of BSD pf, apparently.)
Thanks to all replies. It does appear related to TCP window scaling; add the Juniper JUNOS stateful firewall protocol algorithms to the affected list. We are working this with Juniper now (but this gives us a much better idea as to where to look).