TCP DUP ACK and TCP Spurious Transmissions

edit

Hey Wireshark People!!

We have a PC onsite that send OPC DA data over our network back to a windows box at our main site. The meraki S2S vpn is looking healthy and other devices onsite are working fine. Windows\mapped drives etc

The data is reported to a scada dashboard that give the enginees an easy to use system to monitor the engines . This connection keeps dropping. The meraki is working fine. no link flaps. VPN disconnects / reconnects. (ping path ping and Nmap connect from the server to the machine) I believe this issue is the machine. I can ping it ok and can vnc to it but is very slow i mean antiquated. its a Win 2k box!!

From the wireshark file we are seeing alot of Dup ack and re-transmissons 119 34.917119 10.32.0.151 180.1.4.41 TCP 1446 [TCP Retransmission] 38080 → 26254 [ACK] Seq=359 Ack=3831 Win=65535 Len=1392 124 43.729276 10.32.0.151 180.1.4.41 TCP 1446 [TCP Retransmission] 38080 → 26254 [ACK] Seq=359 Ack=3859 Win=65507 Len=1392

I was wondering if you guys could give any insight as to what this could be

The pc onsite is connect to the meraki via a HP Procurve. This has no Vlans so a flat network. Tomorrow i am going to check the procurve interface to see if there are any runts, collision errors, fcs errors etc

Any assistance you could give i would be very grateful!

Regards

Daniel Schindler

Jack of all trades and eternal Optimist