Issue with a TCP stream
Hello everyone,
I have an issue with a client establishing a connection to an Oracle database and I'm struggling to find what the root cause is.
The Oracle handshake does not complete and it seems that some segments are dropped but I cannot figure out which ones. Here is a printscreen of the TCP stream :
TCP not OK:
The thing I don't understand is the that the server seems to ACK every segment the client sent to it. From my understanding, segments 13 and 14 say "I have received the segment 455 and also the segments from 456 to 626". So why after this the client starts the Retransmission of the TCP segment 626 ?
It is important to note that the client and the server are connected through an IPsec tunnel.
I had the occasion to test the connection through another VPN tunnel (other equipments, other line) and I didn't have those issues. Here is another printscreen of the TCP stream through the 2nd VPN tunnel (working fine) :
TCP OK:
Could someone help me pinpoint what the issue could be ?
Also, I'm very interested to know if my interpretation of the TCP stream is correct or not.
Thanks a lot !
Hi Graham!
First thing that comes to mind: what's the MTU settings on this?
Can you disable TNS dissection (we don't care about that), so that we get to see the TCP info column. Or better yet, can you share the capture files through some public file sharing site and post these links instead of the screenshots.
Hello Jaap,
Thank you for your answer.
Please find the printscreen without the TNS dissection :
I hope you don't mind I'm a bit reluctant to share the whole capture but I'll happily provide any information needed.
I have tested the MTU size (ping -f -l ...) and the results are the following :
Could the issue be related to the MTU ?
Thanks !
Yes, it could. That's always a thing with tunnels.