2

I am trying to troubleshoot a performance issue between a client and a file server. When I look at the capture from the client, I see a weird behavior. I am trying to understand this weird behavior.

I know Out-Of-Order packet is received from the server when it did not receive the expected sequence number from the client. However, in my Wireshark capture, I see an Out-Of-order packet after a SYN message.Below is the screenshot of the trace file.

Trace File

Question 1: Why am I seeing the Out-of-Order packet after a SYN packet.

Secondly, I know Dup ACK is sent to client to intimate that the server has not received few segments and the Dup ack uses its SACK functionality to mention the segments that it has and the segments that is expects next.

Question 2: Why are we seeing Dup Ack from the client for the ACK packet that is sent from the client itself.

If a trace file is required, please do let me know. I will try to share. Any help would be greatly appreciated.

Improve this question
1
  • You should do a capture on the server and compare. It looks like your client is duplicating all the outbound packets for some reason. The server isn’t responding with out of order, wireshark is responding with “out of order,” based on the second, duplicate packet it sees from your client. Are the destination MAC addresses the same for both duplicate packets? All I can figure is that your client thinks it should be sending the packet to two different destinations. Maybe an IP conflict or network config issue.
    – Appleoddity
    Commented Jan 1, 2019 at 16:56

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .