Intermittent connections on ALL ports

jduino
Posts: 6
Joined: Fri Sep 12, 2014 10:43 pm

Intermittent connections on ALL ports

Post by jduino »

I'm running 8.8.15p6 on CentOS7 on a VC at Linode. Longtime installation, many upgrades. Recently I have intermittent periods where I cannot connect to the server on any port (80, 443, 22, 25, 389) but only from my home's primary IP address. I can connect from other IPs in my /29, and other sites. This inability can last from a few seconds to minutes (but not knowing precisely when the lack of connection begins, tough to say). I have several devices that connect for mail (iPhone, iPad, web browser) plus I use the LDAP for auth on two internal websites. All would connect from my primary IP.
I also run fail2ban to slow down the bad actors.
Doing a tcpdump on the server's interface I can see the packets come in; no reply packet.
I would tend to lean toward thinking iptables is dropping, but I don't find any 'dynamic' rule being created (such as from fail2ban) that is popping up. I actually have my IP block 'whitelisted' in iptables.
Is there some other sort of DoS system I am missing that doesn't like all the connections? (in the grand scheme of things, it's not really all that many)
Any help would be appreciated!
jduino
Posts: 6
Joined: Fri Sep 12, 2014 10:43 pm

Re: Intermittent connections on ALL ports

Post by jduino »

More digging.
I have stopped firewalld and fail2ban with no change.
Stopping Zimbra while unable to connect: initially no change, but after a few minutes I could connect again, and continued to be able to for about 15 min.
After starting Zimbra back up, unable to connect. Waited about 20 seconds, and I can connect.

To be clearer, tcpdump shows only a single inbound. libpcap grabs packets BEFORE the firewall, and thus probably everything else that might filter connection/packets.
/var/log/secure shows nothing of interest (I'd think if PAM was filtering it would log here, but I'd also expect more than a single inbound packet if PAM were involved).
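
The symptom described in the posts above (inbound packets visible in tcpdump, no reply) can be timed from a saved capture. The following is an added example, not part of the original thread: it pairs each SYN from one client with the server's SYN-ACK and reports the windows in which SYNs went unanswered. It assumes the capture was written as text by `tcpdump -tt -n tcp`; the addresses and the sample lines are constructed placeholders.

```python
import re

# Line format of `tcpdump -tt -n tcp` (epoch timestamps, no name resolution).
LINE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP (?P<src>[\d.]+)\.(?P<sp>\d+) > "
    r"(?P<dst>[\d.]+)\.(?P<dp>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample capture (documentation addresses, not from the thread).
SAMPLE = """\
1570000000.000000 IP 203.0.113.5.50001 > 192.0.2.10.443: Flags [S], seq 1, win 64240, length 0
1570000000.000300 IP 192.0.2.10.443 > 203.0.113.5.50001: Flags [S.], seq 9, ack 2, win 28960, length 0
1570000060.000000 IP 203.0.113.5.50002 > 192.0.2.10.25: Flags [S], seq 5, win 64240, length 0
1570000061.000000 IP 203.0.113.5.50002 > 192.0.2.10.25: Flags [S], seq 5, win 64240, length 0
1570000065.000000 IP 203.0.113.5.50003 > 192.0.2.10.22: Flags [S], seq 7, win 64240, length 0
1570000067.000000 IP 203.0.113.5.50002 > 192.0.2.10.25: Flags [S], seq 5, win 64240, length 0
1570000067.000200 IP 192.0.2.10.25 > 203.0.113.5.50002: Flags [S.], seq 3, ack 6, win 28960, length 0
1570000400.000000 IP 203.0.113.5.50004 > 192.0.2.10.389: Flags [S], seq 8, win 64240, length 0
""".splitlines()

def unanswered_syns(lines, client_ip):
    """Return sorted (ts, client_port, server_port) for each SYN from client_ip with no SYN-ACK."""
    pending = {}  # (client_port, server_ip, server_port) -> timestamps of SYNs still unanswered
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        if m["flags"] == "S" and m["src"] == client_ip:
            pending.setdefault((m["sp"], m["dst"], m["dp"]), []).append(float(m["ts"]))
        elif m["flags"] == "S." and m["dst"] == client_ip:
            queue = pending.get((m["dp"], m["src"], m["sp"]))
            if queue:
                queue.pop()  # the SYN-ACK answers the latest SYN; earlier retransmits stay unanswered
    return sorted((ts, int(cp), int(sp)) for (cp, _, sp), tss in pending.items() for ts in tss)

def outage_windows(unanswered, gap=30.0):
    """Merge unanswered-SYN timestamps into (start, end) windows split by more than `gap` seconds."""
    windows = []
    for ts, _, _ in unanswered:
        if windows and ts - windows[-1][1] <= gap:
            windows[-1][1] = ts
        else:
            windows.append([ts, ts])
    return [tuple(w) for w in windows]

if __name__ == "__main__":
    for start, end in outage_windows(unanswered_syns(SAMPLE, "203.0.113.5")):
        print(f"no SYN-ACK from {start:.0f} to {end:.0f} ({end - start:.0f}s)")
```

The window boundaries give timestamps to line up against firewall, conntrack and kernel logs on the server.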