Linux drops TCP segments of a connection that follow a SYN/ACK with timestamps set to 0
Issue
Internet servers responds to SYN sent by our proxy with a SYN/ACK packet that has both timestamps in TCP options (tsval/tsecr) set to 0. While the handshake completes, a future data segment from that server to us is dropped by TCP because it contains non-zero timestamp values, which triggers certain PAWS logic in Linux stack (more details follow).
Environment
Red Hat Enterprise Linux (RHEL) 6.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.