client hangs no reset received

asked 2018-09-04 22:45:33 +0000

anonymous user


We have had some connectivity issues today with a few customers. Our customers have a application that calls rest API's on our servers. Pretty simple setup at our end; firewall (ASA) --> Switch --> Centos 6 box. Today a few clients have reported issues with the application hanging.

Capturing packets from the server, firewall and the client; what I think is happening is that the server fin,ack is not received by the client, and therefore "hangs". After a period of a minute or so, our application opens a new tcp connection to the server and continues as normal.

At the server end (on both the server and the Firewall)I can see the 'encrypted alert' (which I assume is our end sending TLS graceful teardown), some acks being sent by the client, then 7 retransmition of fin,psh, ack and then a rst,ack.

When capturing packets on the client end, I see all traffic up to the last ack the client send, but I don't see the fin ack, the retransmittions or the rst,ack at the end.

Its transient in nature, with tcp sessions proceeding the 'broken' one working as expected. It is a new issue and has been reported by ~15 clients today < ~0.2% of our customer base.

Has anyone run into anything like this?

edit retag flag offensive close merge delete


Did you try capturing on the egress and ingress interface of the firewall?

Is it possible the firewall no longer has the connection in the state table? (show conn)

Spooky gravatar imageSpooky ( 2018-11-06 03:36:30 +0000 )edit