Hello, I have been trying to investigate an issue and was hoping for some help/guidance as I am only semi-familiar with using WireShark and analyzing network captures.
Summary of issue:
- System A makes API calls to System B on a regular basis.
- All of a sudden, these calls started to fail (all were failing). After roughly 36 hours, the calls started working again.
- During this time that the calls were failing we saw the following:
- If we sent an authenticated request to the API, it responded just fine with an unauthorized.
- Even if we sent an empty body with an authorized request, the system responded with an error (invalid request).
- It was only if we sent a real request with data that we would receive an error: "The underlying connection was closed: An unexpected error has occurred"
- We also noticed that if we tested the connection from a different machine (System C) during this time, that the API call worked correctly (no issue).
Based on the information above, we are thinking that the issue is somehow related to the machine mentioned as System A above. We were able to run a network capture and at the end I see a series of TCP DUP ACK and Retransmissions. I have tried to look into this, and have found mention of it possibly being packet loss or it could be fast retransmission. But I was hoping that someone with more expertise in this area could take a look and weigh in with their thoughts.
I was trying to attach the capture or an image, but I don't have enough points yet - so sorry I can't provide a visual.
Thanks!