On Wed, 23 Aug 2006, Nicholas Miell wrote:
Now, this appears to be a Juniper JUNOS bug (and our Juniper SE is going to open a case), but what could have changed between Linux kernels 2.6.15 and 2.6.17 that would trigger it? I'm hoping to narrow this down somehow to help Juniper find the problem.
IIRC, 2.6.17 had some changes to TCP window scaling which breaks on some stupid NAT/firewall/load balancing appliances. (And some versions of BSD pf, apparently.)
FWIW, we experienced breakage with Cisco's IOS Firewall (FTP IP Inspect) in particular. Reducing the window size helped. The issue is being investigated.