Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
470
Views
4
Helpful
4
Replies

inbound packet loss TCP SYNs

paul.matthews
Level 5
Level 5

‎08-10-2004 06:03 AM

You'll be fed up of me soon!

I have a CSS 11800 running ap0500063 (old I know but there are political reasons making an upgrade awkward) that seems to ignore some TCP SYNs for no apparent reason.

The symptoms are that occasionally part of a website (odd that it is normally one of 2 images) fails to display.

Looking at a sniffer trace (I only have one near the client, it has been reported to be seen adjacent to the CSS) where I can see traffic going backwards and forwards, but one SYN is ignored, even when it is retried. The llama debug set to:

flow trace-ip 80.40.30.182 (client IP)

flow options 0x00000131

(advice from http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_tech_note09186a0080094ebf.shtml)

shows no sign of the inbound syn.

It just seems to be syns that get ignored...

Any thoughts?

Labels:
0 Helpful
4 Replies 4

Gilles Dufour
Cisco Employee
Cisco Employee

‎08-10-2004 08:24 AM

Paul,

would be good to know what type of content rule you are using as it makes a big difference.

About flow trace-ip on the 11800, do you see the other syn's ? or nothing at all ?

Thanks,

Gilles.

0 Helpful

paul.matthews
Level 5
Level 5
In response to Gilles Dufour

‎08-10-2004 11:52 PM

The sanitised version of the rule is below.

I am pretty sure I saw other SYNS, but as I was seeing other traffic on the connection, I was not specially looking for the SYNs.

content

protocol tcp

port 80

url "//www..info/*"

no persistent

add service serv01_http

add service serv02_http

balance aca

vip address 172.19.111.56

active

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to paul.matthews

‎08-11-2004 07:28 AM

Paul,

this is standard config.

A L5 rule, so the SYN should be answered by the CSS itself and you should see it with the flow trace-ip command.

Unfortunately, there is no bug clearly matching your problem.

Do you see any error messages in the log ?

All I could recommend is an upgrade to 6.10 to get the new queueing system to will solve a lot of unecessary packet drops.

Regards,

Gilles.

paul.matthews
Level 5
Level 5
In response to Gilles Dufour

‎08-11-2004 12:20 PM

No messages in the log. I have started the political side of things to perform thr upgrade...

Thanks for the help.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card