Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
970
Views
21
Helpful
10
Replies

Retransmission flood of FIN, ACKs from DNS server...

Go to solution
jmaxwellUSAF
Contributor
Contributor

‎01-22-2023 02:45 PM - edited ‎01-22-2023 02:45 PM

Please view attached image.

x.20 is a DNS server.
x.52 is my workstation.
x.1 is the default gateway.

What is the most likely cause of this TCP retransmission flood of [FIN, ACK]s from the DNS server to my workstation?

Isn't the FIN, ACK the very end of the conversation?
Why would the DNS server keep sending these FIN, ACKs?

Thank you.

Labels:
Preview file
147 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to jmaxwellUSAF

‎01-24-2023 10:24 AM

hgfhfghfghfghfghgfh.png

I run lab and as I guess from first time, 
my lab R3 have default GW R1, I disable IP redirect in R1 
R3 now connect to R4 (TCP traffic)
you can see many re-transmission, 

so in your case you must solve Default GW and the issue will be solve.

View solution in original post

10 Replies 10

Go to solution
MHM Cisco World
VIP
VIP

‎01-22-2023 02:55 PM

why there is ICMP redirect ? 
are you run HSRP or ASA HA ??

Go to solution
jmaxwellUSAF
Contributor
Contributor
In response to MHM Cisco World

‎01-22-2023 03:26 PM - edited ‎01-22-2023 03:29 PM

Please standby.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to jmaxwellUSAF

‎01-22-2023 04:11 PM

I always standby captain. LoL..
anyway, why I ask about icmp redirect, 
icmp redirect can cause if you have L3 device better than GW to forward the packet to destination. 
if we can solve this issue, I think you will not see anymore TCP retransmission.

do traceroute and check if first hop is same or there are two hops appear ??

Go to solution
jmaxwellUSAF
Contributor
Contributor
In response to MHM Cisco World

‎01-22-2023 04:54 PM - edited ‎01-23-2023 08:37 AM

Traceroute to DNS server...

1 <1 ms <1 ms <1 ms (! 9300 SwitchStack x4) This is x.x.x.1 (a vlan)
2 <1 ms <1 ms <1 ms (! 2960 router on same LAN= DMVPN)
3 10 ms 10 ms 10 ms (! 2951 DMVPN router at remote campus)
4 10 ms 10 ms 11 ms (! Nexus 9K at remote campus, HSRP)
5 10 ms 11 ms 10 ms (!  x.x.x.20 DNS server)

0 Helpful

Go to solution
jmaxwellUSAF
Contributor
Contributor
In response to MHM Cisco World

‎01-23-2023 09:11 AM

This link is very helpful here...

Understand ICMP Redirect Messages - Cisco

0 Helpful

Go to solution
jmaxwellUSAF
Contributor
Contributor

‎01-24-2023 05:21 AM

If it helps, below is the traceroute from my workstation to the DNS server...

1 <1 ms <1 ms <1 ms (! 9300 SwitchStack x4) This is x.x.x.1 (a vlan)
2 <1 ms <1 ms <1 ms (! 2960 router on same LAN= DMVPN)
3 10 ms 10 ms 10 ms (! 2951 DMVPN router at remote campus)
4 10 ms 10 ms 11 ms (! Nexus 9K at remote campus, HSRP)
5 10 ms 11 ms 10 ms (!  x.x.x.20 DNS server)

May you please help?

Thank you.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to jmaxwellUSAF

‎01-24-2023 10:24 AM

hgfhfghfghfghfghgfh.png

I run lab and as I guess from first time, 
my lab R3 have default GW R1, I disable IP redirect in R1 
R3 now connect to R4 (TCP traffic)
you can see many re-transmission, 

so in your case you must solve Default GW and the issue will be solve.

Go to solution
Georg Pauwen
VIP
VIP

‎01-25-2023 02:18 AM

Hello,

just out of curiosity, has this been resolved ? DMVPN issues often have to do with MTU size. If the issue still exists, post the DMVPN configs you are using at the hub and the spoke.

Go to solution
jmaxwellUSAF
Contributor
Contributor
In response to Georg Pauwen

‎01-25-2023 05:42 AM

Thank you for your interest, Georg.

 

What commands would you like to see?

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to jmaxwellUSAF

‎01-25-2023 10:39 AM

Hello,

so the issue is still there ? What I would need to see is the output of 'sh run' of both the DMVPN hub and spoke routers...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents