"The problem stems from changes that were made to clean up the
TCP option code that were merged back in July as part of the 2.6.27
merge window. TCP options are a mechanism to expand the
functionality of the protocol as conditions change. There are a
handful of commonly used options that the two endpoints of a
connection can agree to use, for things like maximum segment size
(MSS), window scaling, selective acknowledgment (SACK), and
timestamps. Options have been added over time to provide more
internet robustness and performance as well as to support
higher-bandwidth physical connections.
"A perfectly reasonable, if unintended, consequence of the code
change was that the the options were put into the header in a
slightly different order. According to the relevant RFCs, options
can appear in any order in the option section of the TCP header.
But, some home and/or internet routers seem to expect a fixed
order; refusing to make connections if the order is "wrong". In
particular, it would seem that the MSS option needs to appear
before the SACK option."