TCP 3-way-handshake fails

[Axel Rau]

Hi all

I have a fancy behaviour on a FreeBSD 12.1 box, with
some servers (e.g. rsyslogd, nginx) which happens with
some clients, with others not (both are in the same sub-
nets). Everything is dualstack. Disabling IPv6, stops
the problem.
The traffic is routed via 2 firewalls OpenBSD 6.6)
and a VPN.

I attach 2 textfiles (tcpdump) with an extracted flow:

gw1, the OpenBSD side
db3: the FreeBSD side

I also include an example, where the problem
does not happen: db3,ok.txt

Which details needs to be collected to insulate
the problem?

Any help is very welcome,
Axel

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: gw1.32404.txt
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20191210/6f30fcc7/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: db3.32404.txt
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20191210/6f30fcc7/attachment-0001.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: db3.ok.txt
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20191210/6f30fcc7/attachment-0002.txt>
-------------- next part --------------

---
PGP-Key: CDE74120  ?  computing @ chaos claudius

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20191210/6f30fcc7/attachment.sig>