On Thu, Aug 7, 2008 at 10:10 PM, Rhys Frederick
<rhys dot frederick at gmail dot com> wrote:
> Most certainly possible, however the two subnets here are 100Mbit
> local area networks - I'd hope that latency should not be all that
> common. That said, however, at the time the packets get dropped I've
> noticed that at least one of the subnets gets very slow, even to the
> point that connecting to the firewall login page from the subnet can
> time out (normally seems to happen when there is large files being
> transferred over SMB). Can m0n0 provide details on retransmitted
> packets etc, or do i need to stick probes into each subnet?
>

That might be an ipfilter bug of some sort with its state keeping
possibly. What version are you running?  If it's 1.2x you should try
1.3 beta as it has a newer ipfilter.

Otherwise yeah I would plug my Ethernet tap, or get a SPAN port, on
both the ports and see what's really occurring when seeing the
behavior you describe.

-Chris