I would say that a certain level of TCP retransmissions and duplicate acks are expected, especially over the internet with multiple routing paths and non-reliable delivery.
Of course, we do not want to see too high a proportion of these! What overall rate of retransmissions do you have in this tcp stream?
Adjusting the window size would need to be done on both end-points - this would effectively increase the data pipe between the hosts before they require acknowledgement so in effect you would be able to increase the tcp throughput. I'm not sure if this is a good idea over the internet however, as reliability is never guaranteed so you could see more lost acknowledgements but for larger windows, hence higher payload retransmissions required and degraded performance.
I have often asked myself this question - and it seems logical that the answer may be different applications have different levels of tolerance for the level of TCP retransmissions. So there may not be any hard and fast acceptable threshold for retransmits (that I can find), I would be concerned at anything above 5-10% for sure!
See this post over on ethereal.com, discussing the same thing:
はじめに確認方法Version による Application name の変更について備考参考情報 はじめに本ドキュメントでは Cisco SD-WAN における Policy 上で設定可能な Application を確認する方法について記載しています。 確認方法サポートされている Application name についてはご使用されている vManage へ API を呼び出して確認することが可能です。https://<IP or FQDN>/...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...
SummaryRequirementsConfiguration StepsVerificationFAQTroubleshootingReferences & Tools
In the past when IOS 12.x was hot stuff we used MD5 to authenticate OSPF neighbors. This worked great on ethernet networks because OSPF is a m...