TCP Retransmission
TCP Retransmission
(OP)
I am working with a situation of slow performance on an application that we use.
I have taken packet captures of this application and noticed that there were a lot of retransmissions. When I look at the packets, there is an HTTPS packet and then like .000001 seconds later there is a TCP that says that it is a retransmission of the HTTPS packet.
Has anyone see anything like this before and if so what is the cause of it? This is saying that up to 50% of the packets are retransmitted.
Thanks for your help in advance.
Terry
I have taken packet captures of this application and noticed that there were a lot of retransmissions. When I look at the packets, there is an HTTPS packet and then like .000001 seconds later there is a TCP that says that it is a retransmission of the HTTPS packet.
Has anyone see anything like this before and if so what is the cause of it? This is saying that up to 50% of the packets are retransmitted.
Thanks for your help in advance.
Terry
RE: TCP Retransmission
RE: TCP Retransmission
Thanks.
RE: TCP Retransmission
RE: TCP Retransmission
The DF bit is set to 1 on both packets.
RE: TCP Retransmission
RE: TCP Retransmission
thanks for your help.
RE: TCP Retransmission
/
tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
RE: TCP Retransmission
The DF bit means "Do not fragment".
Normally, if a router attempts to route a packet larger than the MTU size accepted by the next router, the first router will simply fragment the packet and send it as two packets instead. This places additional overhead on both the router and the destination host as well as creating a Murphy's Law situation at any firewall or filtering device the packet fragments have to traverse.
If the DF bit in the packet is set to 1, this means the first router is not allowed to fragment the packet. In this case, the router drops the packet, and sends a special ICMP "Destination unreachable" packet back to the packet's source, which decodes as "fragmentation needed and DF bit set" and includes the maximum MTU available for the path. The source host updates its registry with the new maximum MTU size and sends further packets at the right size.
That's my understanding of it, anyway.