Quoting luv-main@luv.asn.au (luv-main@luv.asn.au):
Reading this: https://ucrtoday.ucr.edu/39030 which is doing the rounds on some lists,
http://www.theregister.co.uk/2016/08/10/linux_tor_users_open_corrupted_commu... https://lwn.net/Articles/696868/ (subscriber-only until next week) I suspect the best interim solution (as the UCR Today article suggests) is to set /proc/sys/net/ipv4/tcp_challenge_ack_limit=999999999 via sysctl, until something better-thought-out than RFC 5961 comes out. An actual fix[1] is in the 4.7 but not yet in the stable kernel series. [1] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75... -- Cheers, Grossman's Law: "In time of crisis, people do not rise to Rick Moen the occasion. They fall to the level of their training." rick@linuxmafia.com http://linuxmafia.com/~rick/lexicon.html#grossman McQ! (4x80)