Hi,


To add to my own mail: it seems as if packets are not being
retransmitted. Here are some tcpdump logs to illustrate:

[tcpdump on external server NIC]
IP courbet.kerguelen.org.1639 > hydrogene.pps.jussieu.fr.ssh: S
1040155987:1040155987(0) win 49640 <mss 1460,nop,wscale
0,nop,nop,sackOK>
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: S
1140826741:1140826741(0) ack 1040155988 win 5840 <mss
1460,nop,nop,sackOK,nop,wscale 2>
IP courbet.kerguelen.org.1639 > hydrogene.pps.jussieu.fr.ssh: . ack 1
win 49640
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P 1:42(41)
ack 1 win 1460
IP courbet.kerguelen.org.1639 > hydrogene.pps.jussieu.fr.ssh: . ack 42
win 49640
IP courbet.kerguelen.org.1639 > hydrogene.pps.jussieu.fr.ssh: P 1:21(20)
ack 42 win 49640
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: . ack 21
win 1460
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P
42:650(608) ack 21 win 1460

These packets are all translated and dumped on the internal network,
according to a tcpdump on the internal server NIC, but a tcpdump on a
client on the internal network doesn't show the last packet! Then the
conversation goes on:

IP courbet.kerguelen.org.1639 > hydrogene.pps.jussieu.fr.ssh: P
21:389(368) ack 42 win 49640
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: . ack 389
win 1728
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P
42:650(608) ack 389 win 1728
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P
42:650(608) ack 389 win 1728
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P
42:650(608) ack 389 win 1728
IP hydrogene.pps.jussieu.fr.ssh > courbet.kerguelen.org.1639: P
42:650(608) ack 389 win 1728

but only the first and second packets show up on the client.

Could this be the source of the problem (I'm not a TCP/IP expert,
unfortunately...)? It seems strange that packets disappear somewhere -
there's only a hub between the two NICs, not even a router or something
otherwise intelligent.

  Jaap