Originally Posted by jggimi
Thank you very much! The good news:
- You aren't using jumbo frames -- which sometimes can be a problem for network components.
- The link is active, running 1000BaseT full-duplex and there are no local LAN errors recorded by the NIC (and confirmed by no IP protocol problems).
- There is no issue with network capacity: neither mbufs nor PF state table entries show a problem.
I do see what appears to be some TCP windowing and retry issues -- it is just a guess on my part but packet normalization within PF ("scrub") may be incorrectly configured. See the Packet Normalization
section of pf.conf(5) for details.
Thanks! I am going to dig in pf