Application Acceleration
Highlighted
Application Acceleration

juniper packet reassembly problem ?

‎09-11-2011 08:20 PM

Hi All,


i'm seeing traces that suggest a feature in Juniper that may need
modifying ?

the background is that we're using oracle clients to connect to a db server
in hong kong. 

when we try to connect from within the local office through the
juniper router, the query will hang for about 10 minutes and a 
tcp rst will be sent to both hosts.

connecting from outside the office (eg: from home to wan to
hong kong) works.

the routers used are:
singapore - juniper ssg 140
hong long - cisco linksys wrt 54gs
 
-- start --

trace on client (singapore):
91 1.486782 singapore hong-kong TNS 609 Request, Data (6), Data
92 1.487070 hong-kong singapore TCP ncube-lm > fcmsys [ACK] Seq=13914 Ack=12916 Win=64980 Len=0
93 600.247192 hong-kong singapore TCP 1506 [TCP segment of a reassembled PDU]
94 600.247308 hong-kong singapore TCP 1506 [TCP segment of a reassembled PDU]
95 600.247326 singapore hong-kong TCP 54 fcmsys > ncube-lm [ACK] Seq=12916 Ack=16818 Win=65535 Len=0
96 600.247380 hong-kong singapore TCP 949 [TCP segment of a reassembled PDU]
97 600.247385 hong-kong singapore TCP 60 ncube-lm > fcmsys [RST] Seq=17713 Win=8192 Len=0

trace on server (hong kong):
86 1.530072 singapore hong-kong  TCP 60 15374 > ncube-lm [ACK] Seq=12361 Ack=13914 Win=63923 Len=0
87 1.530584 singapore hong-kong TNS 609 Request, Data (6), Data
88 1.530983 hong-kong singapore TNS 8209 Response, Data (6), Data
89 1.531061 hong-kong singapore TNS 3921 Response, Data (6), Data
90 1.623874 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=15366 Win=64083 Len=0
91 1.624105 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=16818 Win=62631 Len=0
92 1.625160 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=18270 Win=61179 Len=0
93 1.626325 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=19722 Win=59727 Len=0
94 1.643312 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=21174 Win=58275 Len=0
95 1.643537 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=22069 Win=57380 Len=0
96 1.643965 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=23521 Win=55928 Len=0
97 1.644193 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=24973 Win=54476 Len=0
98 1.644417 singapore hong-kong TCP 60 15374 > ncube-lm [ACK] Seq=12916 Ack=25936 Win=53513 Len=0
99 600.186789 singapore hong-kong TCP 60 15374 > ncube-lm [RST] Seq=12916 Win=0 Len=0

-- end --

on the client, after sending frame #91, it receives an ack in frame #92.
600 secs later, it receives the same ack from the server (same seq/ack).

on the server, wireshark reports that it is seeing acks from the client,
when the client was not sending anything.

it that perhaps the juniper router is reassembling the packets,
but somehow did not ack the last packet of 108 bytes ?

in the server trace, frame #88, #89 indicate that the server
has sent 8209 + 3921 bytes to the client.

starting with the last ack=13914 (#86), after the ack at #98 (ack=25936),
we should see one more frame with ack = 26044 (13914 + 8209 + 3921) ?

and then at 600.247192, the router in hong-kong resent the
request. the client starts processing the packets, but just before
that (600.186789 secs), the server sees a RST from the 
juniper router.

why is juniper not acking the last packet ?
why was it the one sending the RST, when it had not ack 
the last frame?

am i reading the trace correctly, or is the understanding 
incorrect ?

Thanks very much in advance for helping,
sam

4 REPLIES 4
Highlighted
Application Acceleration

Re: juniper packet reassembly problem ?

‎09-11-2011 08:58 PM

 

Hi Sam,

 

Please let me know, if you are observing the behavior with the WXC (WAN Accelerators) in your network?

 

If not, then i feel, this is not the right forum to post this question. Please do let us know.

 

Thanks,

Magesh S.

Juniper Networks

Advanced JTAC Engineer - WX/MFC

 

Highlighted
Application Acceleration

Re: juniper packet reassembly problem ?

‎09-11-2011 09:14 PM

Hi Magesh,

 

how can i check ?

 

which other forums should i post this to ?

when i looked at the list, it wasn't obvious

which one the question might belong to,

hence punting to this one .. 

 

am new to network switches ..

 

sorry,

sam

Highlighted
Application Acceleration

Re: juniper packet reassembly problem ?

‎09-11-2011 09:55 PM

 

Hi Sam,

 

No issue, i will guide you. As you said you have SSG firewall , you can post the query to the "ScreenOS Firewalls" forum.

 

The list of forums are available in the below link,

 

http://forums.juniper.net/t5/Forums/ct-p/Forums

 

Please ensure which device is causing this and accordingly post it in the right forum.

 

I hope this helps.

 

Thanks,

Magesh S.

Juniper Networks

Advanced JTAC Engineer - WX/MFC


 

 

Highlighted
Application Acceleration

Re: juniper packet reassembly problem ?

‎09-11-2011 10:36 PM

Thanks Magesh,

 

have posted it to the firewalls forum.

 

thanks again for your prompt assistance,

cheers,

sam

 

Feedback