Network traffic problem ---- packet loss

Discussion in 'Cisco' started by bensonlei@yahoo.com.hk, Oct 12, 2005.

  1. Guest

    Hi,
    I have setup a complicated network as the following:

    (SiteA)PIX506E ---> (SiteB)[PIX515E + Router1 ] ----> SiteC[Router2 +
    LAN ]


    1. SiteA + SiteB = VPN Tunnel
    2. SiteB + SiteC = Routable Traffic
    3. Traceroute and ping are working properly between tree sites.
    4. domain name can be resolved between sites

    I found that some packets lost ( from SiteA --> SiteC ), and the packet
    can not be retransmitted;
    But the packet can be retransmitted between SitA --> SiteB;


    The packet captured as the following :


    1. Packet can not be retransmitted ( SiteA -> SiteC ):

    Source Destination Protocol information
    172.27.29.80 172.28.0.99 SSLv2 Client Hello
    172.28.0.99 172.27.29.80 SSL [TCP Previous segment lost]
    Continuation Data

    172.27.29.80 172.28.0.99 TCP [TCP Dup ACK 178#1] 2161 > https
    [ACK] Seq=79 Ack=1 Win=65535 Len=0 SLE=1381 SRE=2223

    172.28.0.99 172.27.29.80 TCP https > 2161 [RST, ACK] Seq=2223
    Ack=79 Win=0 Len=0





    2. Packet can be retransmitted ( SiteA -> SiteB ):

    172.27.29.80 172.27.1.13 SSLv2 Client Hello
    172.27.1.13 172.27.29.80 SSLv3 [TCP Previous segment lost]
    Continuation Data, [Unreassembled Packet]

    172.27.29.80 172.27.1.13 TCP [TCP Dup ACK 215#1] 2223 > https
    [ACK] Seq=79 Ack=1 Win=65535 Len=0 SLE=1381 SRE=1548

    172.27.1.13 172.27.29.80 SSLv3 [TCP Retransmission] Server
    Hello, Certificate[Unreassembled Packet]

    172.27.29.80 172.27.1.13 TCP 2223 > https [ACK] Seq=79
    Ack=1255 Win=64281 Len=0 SLE=1381 SRE=1548

    172.27.1.13 172.27.29.80 SSLv3 [TCP Retransmission]
    Continuation Data, [Unreassembled Packet]

    172.27.29.80 172.27.1.13 SSLv3 Client Key Exchange, Change
    Cipher Spec, Encrypted Handshake Message

    172.27.1.13 172.27.29.80 SSLv3 Change Cipher Spec, Encrypted
    Handshake Message


    Anybody has idea what the problem happened to the network ?
    1. the Router blocks the packet transmission
    2. The firewall blocks the packet transmission
    3. the vpn tunnel blocks the packet transmission
    4. the MTU value between firewalls ?
    5. The VPN configuration has problem ?
    6. others

    Thank you so much for your input.
    Benson
    , Oct 12, 2005
    #1
    1. Advertising

  2. Craig Guest

    Re: Network traffic problem ---- packet loss

    Hi Benson,

    funny you should mention this. I've also just started seeing a similar
    problem. Though from internet clients to an SSL webserver.
    Again it's also via a PIX.

    Odly enough, it only happens with SSLv3 and TLS. SSLv2 seems to work
    just fine.

    Also oddly enough, it's happening for just one site on the server and
    not any of the others.

    My server is however NT4 with IIS.
    Have you gottent a response from anyone?

    Thanks
    Craig

    wrote:
    > Hi,
    > I have setup a complicated network as the following:
    >
    > (SiteA)PIX506E ---> (SiteB)[PIX515E + Router1 ] ----> SiteC[Router2 +
    > LAN ]
    >
    >
    > 1. SiteA + SiteB = VPN Tunnel
    > 2. SiteB + SiteC = Routable Traffic
    > 3. Traceroute and ping are working properly between tree sites.
    > 4. domain name can be resolved between sites
    >
    > I found that some packets lost ( from SiteA --> SiteC ), and the packet
    > can not be retransmitted;
    > But the packet can be retransmitted between SitA --> SiteB;


    [snip snip]
    Craig, Oct 31, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mike S

    wireless connection and packet loss problem

    Mike S, Sep 18, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    2,999
    Mike S
    Sep 18, 2004
  2. Loren Amelang
    Replies:
    3
    Views:
    2,289
  3. Scott

    1841 Packet loss

    Scott, Mar 28, 2005, in forum: Cisco
    Replies:
    5
    Views:
    1,684
    Andrey Tarasov
    Mar 30, 2005
  4. Zed
    Replies:
    0
    Views:
    1,069
  5. nibauramos

    Packet loss problem - PPTP VPN

    nibauramos, Jul 27, 2010, in forum: Cisco
    Replies:
    0
    Views:
    1,477
    nibauramos
    Jul 27, 2010
Loading...

Share This Page