Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

client hangs no reset received

We have had some connectivity issues today with a few customers. Our customers have a application that calls rest API's on our servers. Pretty simple setup at our end; firewall (ASA) --> Switch --> Centos 6 box. Today a few clients have reported issues with the application hanging.

Capturing packets from the server, firewall and the client; what I _think_ is happening is that the server fin,ack is not received by the client, and therefore "hangs". After a period of a minute or so, our application opens a new tcp connection to the server and continues as normal.

At the server end (on both the server and the Firewall)I can see the 'encrypted alert' (which I assume is our end sending TLS graceful teardown), some acks being sent by the client, then 7 retransmition of fin,psh, ack and then a rst,ack.

When capturing packets on the client end, I see all traffic up to the last ack the client send, but I don't see the fin ack, the retransmittions or the rst,ack at the end.

Its transient in nature, with tcp sessions proceeding the 'broken' one working as expected. It is a new issue and has been reported by ~15 clients today < ~0.2% of our customer base.

Has anyone run into anything like this?