On 2024-03-15 Adam Thompson wrote:
Also, if you want to be sure of avoiding all MSS issues, aim low, like 1024, instead of "just low enough" like 1396. You won't likely be able to measure the difference. -Adam
I did try lowering it a bit more. It turns out there were 2 problems (as usual): the MTU issue *and* some intermediate router in the double-NAT had a really short conntrack keepalive. The latter was the fine-now-pauses-later problem and was overcome by setting stricter keepalive settings on sshd. (Should have remembered this, as I'm sure I've seen that before.)
All works great now!