Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

very low TCP RTOs

Hi there, i'm new to the wireshark community and looking for some help.

Since a few weeks, users in my company are complaining about slow SSH connections to linux servers. They work from a distant network ( MPLS or VPN). The whole infrastructure (servers & switching) is in a datacenter, carried by some Nexus 5000 and Nexus 2000 with multiples Vlans. The routing is managed by an old fortigate F1240B, which has not been updated since v5.0

After capturing some traffic, I see that I get a huge amount of TCP retransmission, and not only for SSH connections. Looking deep into the tcp frames, I see that the initial RTO is between 1 and 5 µS which looks very low to me. After

Are such RTO normal ? If no, what can cause this and how can I solve this problem ?

Any help would be appreciated. I searched hours on the web but could find any answers..

As I understand, RTOs are defined by TCP and not applications or OS ?

very low TCP RTOs

Hi there, i'm new to the wireshark community and looking for some help.

Since a few weeks, users in my company are complaining about slow SSH connections to linux servers. They work from a distant network ( MPLS or VPN). The whole infrastructure (servers & switching) is in a datacenter, carried by some Nexus 5000 and Nexus 2000 with multiples Vlans. The routing is managed by an old fortigate F1240B, which has not been updated since v5.0

After capturing some traffic, I see that I get a huge amount of TCP retransmission, and not only for SSH connections. Looking deep into the tcp frames, I see that the initial RTO is between 1 and 5 µS which looks very low to me. After low.

Are such RTO normal ? If no, what can cause this and how can I solve this problem ?

Any help would be appreciated. I searched hours on the web but could find any answers..

As I understand, RTOs are defined by TCP and not applications or OS ?