Re: TCP Chat: Warnings and Notes

Rodrigo Marchina Soares · ‎08-01-2008

I am analysing a TCP Chat between workstations and a HTTP server (172.23.22.205).

I have noticed that some users have gotten problems to access the HTTP Server. So slow to put or get image files.

The communication way is the following:

Workstation -> router -> MPLS network -> router -> firewall -> packeteer -> router -> MPLS network -> router -> HTTP Server (172.23.22.205)

In the last traffic captured (in 10 minutes), I got the following notifications:

- 3850 TCP Chats

- 201 Warnings: like "TCP Previous segment lost", "TCP out of order segment"

- 586 Notes: like "TCP Dupl ACK", "TCP Retransmission"

Is that OK or do I have to improve the network ?

I think that the server is not supporting so many connections.

I saw that some ICMP packets was lost (1 or 2%) when I start a ping from firewall -> router -> MPLS network -> workstation

Please, help me in this issue.

andrew.prince · ‎08-01-2008

Check the MTU settings on the workstations, also capture a typical tcp session to the server and see what MSS is being negotiated, then make sure the MTU along the path is higher than the MSS.

HTH>

Rodrigo Marchina Soares · ‎08-04-2008

MSS and MTU is not modified.

I have seen other things:

There is QoS only for AF11 and AF12 to all kind of protocols.

I think the application of the user must have a specific QoS (priority).

What do you think?

Is fault of QoS a possible chance of dup ACK, retransmission and TCP out of order in the network?

andrew.prince · ‎08-05-2008

it could be the QoS policy is dropping, or remarking packets at a certain level to drop later!

You need to have a look at the config end to end!

HTH>