Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    File transfers larger than about 1.5 MB fail

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 963 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      amnixed
      last edited by

      Hello List,

      I have 2.0.3-RELEASE (i386) on a m1n1wall, connected with Verizon PPPoE and a static IP address.

      Lately, transfers of files with sizes larger than about 1.5 MB fail. I tried scp and mail/submission/STARTTLS.

      Packet capture shows that after the last packet is sent by the m1n1wall, the remote server sends a number of ACKs, but nothing from the m1n1wall again. I also noticed that the packet capture output is full with "Bad checksum" and "Window is full" entries. I have checked "Disable hardware checksum offload", but it did not make a difference.

      During failed file transfers, my ssh windows also freeze and then lose connections - but m1n1wall indicates the interfaces up and I can keep pinging out with no packet loss.

      Apparently, only TCP is affected?

      Any ideas why file transfers larger than about 1.5 MB fail? Downloading is not affected…

      I'd appreciate your suggestions.

      1 Reply Last reply Reply Quote 0
      • A Offline
        amnixed
        last edited by

        Hello List,

        Update: I have uploaded the configuration of the misbehaving m1n1wall to an unused computer, and the file transfer problem I have described in the original post is no longer happening… hardware gone bad?

        1 Reply Last reply Reply Quote 0
        • P Offline
          phil.davis
          last edited by

          If you have asymmetric routing happening, then you will get small downloads, but anything that lasts a while will be a problem. If pfSense does not see all the packets in both directions of the state it won't be able to keep track of it, and will time it out.
          Do you have some interesting/unusual interconnection of subnets?
          But the packet capture sounds like you are seeing packets in both directions, and the other errors sound like maybe there is some other issue with loads of data arriving in a rush or…

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • A Offline
            amnixed
            last edited by

            Thanks for your reply.

            We don't have asymetric routing. There is just one LAN. pfSense acts as the NAT, firewall with less than a dozen rules, and DHCP server.

            I still have the packet capture file; I'd be happy to upload it to a place which is convenient for you.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.