Comment 3 for bug 2049993
Revision history for this message
| Bernhard Riegler (riegler-b) wrote Re: tcp has MSS=1460, but TLSv1.3 payload is overshooting maximum segment size | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
I have a stateless firewall (nft) which drops ip.len>1500 input ethernet frames.
therefore you see TCP flow control with resend data.
filter the wireshark trace with "ip.len>1500"
all the input ethernet frames (destination ipv4 10.0.0.2) seen in wireshark trace
are dropped in nft filter hook ingress.
filter the tcp connection.