Refering to this question in the old Wireshark forum:
The issue is: Wireshark shows TCP frame length being much greater than the maximum TCP frame length of 1500 bytes.
The explanation is: "Probably you captured on the host that transmitted the oversized packet, and TCP Large Segment Offload [TSO] is enabled"
Now I found a good tutorial on how to disable TOS on Linux and I want to share it with you:
sudo apt install ethtool
ethtool --show-offload eth0 //shows, if tcp-segmentation-offload is enabled
sudo ethtool -K eth0 gso off
sudo ethtool -K eth0 tso off
I experienced the same just the other way around on the receiving client side, the reason for that was Large Receive Offload [LRO]. It can be disabled like this:
sudo ethtool -K eth0 tso off
Note that this step is only possible, when LRO isn't set as [FIXED]. You can check this with:
ethtool --show-offload eth0
large-receive-offload: on [fixed] //check in the output
