The largest pings I can get across are 1400 bytes. And I have seen the SSH connection hang when doing a
. So that definitely sounds like the problem! How would I fix it, though? Shouldn't the connection break up large packets into fragments automatically?
If the application sets the DF (don't fragment) flag in the IP header, then the device may not fragment the packet, but instead should send an ICMP message informing the sender that the packet was discarded, by whom, and what the MTU of the next hop is.
I think most applications use the DF bit because they want to use path MTU discovery.
Networks that discard all ICMP break this.
Your best bet is to use the clamp MSS feature.
In IPv6, there is no fragmentation allowed ever, so definitely make sure your networks can either use PMTU discovery or else you can clamp the MSS yourself.
In your case, though, it seems that the server on the far end is the one with broken PMTU.
Poorly-configured load balancers at data centers will break PMTU discovery...
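The MSS clamp value for the situation in this thread, worked through as an added example that is not part of the original posts. It assumes the 1400 bytes is the echo payload size (as given to `ping -s`), that headers carry no options, and that the clamp is applied on a Linux router's FORWARD chain; `simulated_probe` is a constructed stand-in for a real DF-set ping.

```python
"""Derive a TCP MSS clamp from DF-set ping probes (constructed data, added example)."""
IP_HDR = {4: 20, 6: 40}   # fixed IP header sizes, no options / extension headers
ICMP_HDR = 8              # ICMP / ICMPv6 echo header
TCP_HDR = 20              # TCP header without options


def largest_payload(probe, lo=0, hi=65507):
    """Binary-search the largest echo payload for which probe(size) is True.

    probe(size) must send one echo with DF set and report whether a reply came
    back. Works even when ICMP errors are filtered, because it only relies on
    replies arriving or not. Returns None if even the smallest probe fails.
    """
    if not probe(lo):
        return None
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if probe(mid):
            lo = mid
        else:
            hi = mid - 1
    return lo


def path_mtu(payload, ipver=4):
    """Path MTU implied by the largest echo payload that got through."""
    return payload + ICMP_HDR + IP_HDR[ipver]


def mss_for_mtu(mtu, ipver=4):
    """Largest TCP segment payload that fits in one packet of size mtu."""
    return mtu - IP_HDR[ipver] - TCP_HDR


def clamp_rule(mss, ipver=4):
    """Rule that rewrites the MSS option on forwarded SYN packets."""
    tool = "iptables" if ipver == 4 else "ip6tables"
    return (f"{tool} -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN "
            f"-j TCPMSS --set-mss {mss}")


def simulated_probe(max_payload):
    """Constructed stand-in for a DF ping: larger packets vanish silently."""
    return lambda size: size <= max_payload


if __name__ == "__main__":
    payload = largest_payload(simulated_probe(1400))
    mss = mss_for_mtu(path_mtu(payload))
    print(payload, path_mtu(payload), mss)
    print(clamp_rule(mss))
```

Where the router's own interface MTU already reflects the narrow link, the TCPMSS target's `--clamp-mss-to-pmtu` option can replace the fixed `--set-mss` value.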