I've got a weird HTTP connection issue with a particular site and I'm wondering if anyone here can lend some help. It appears to be a fragmentation issue, and I suspected our firewall (which I did not write, and am in the process of completely re-doing), since the site loads much faster from my home connection (Charter cable). However, our test machine at work (completely outside the firewall, stock Linksys WRT54G for a router) has the same issue. A summary of what happens is this: 1. Client (me) requests the index page from Server 1. 2. Server 1 (not related to Servers 2 and 3) acknowledges the request and sends a frameset containing a single HTML frame, the source of which is Server 2. 3. Client acknowledges the transfer. 4. Server 1 closes the connection. 5. Client requests frame source from Server 2 (one of the problem servers). 6. Server 2 acknowledges the request but sends no data. All of this happens within half a second. 7. 75 seconds later, Server 2 and Server 3 (the other problem server) start sending data for 4 more seconds - Client acknowledges all data. 8. Data transfer is interrupted again for about 16 seconds, after which one of data connections is closed. 9. 31 seconds later Server 2 resets the connection that was closed in #8. 10. 24 seconds later Client resets a connection from Server 3, which was never closed properly. Client waited 75 seconds before resetting the hung connection. 11. 20 seconds later Client resets a connection from Server 2. Client waited 75 seconds for data which it finally received from Server 2, and another 15 seconds before Server 2 closed the connection. I've Googled the 75 second delay and it seems that TCP times out 75 seconds after a SYN if no response is received. I've attached a summary of an Ethereal capture of the whole bit. If needed I'll post the iptables-save of the firewall script (which the list told me was too big to include with the rest of this). Thanks in advance for any help, Derick Anderson
"No.", "Time", "Source", "Destination", "Protocol", "Info" "1", "0.000000", "$CLIENT", "$SERVER1", "TCP", "2528 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460" "2", "0.026500", "$SERVER1", "$CLIENT", "TCP", "http > 2528 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0" "3", "0.026527", "$CLIENT", "$SERVER1", "TCP", "2528 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0" "4", "0.026731", "$CLIENT", "$SERVER1", "HTTP", "GET / HTTP/1.1" "5", "0.059920", "$SERVER1", "$CLIENT", "HTTP", "HTTP/1.1 200 OK (text/html)" "6", "0.059944", "$SERVER1", "$CLIENT", "TCP", "http > 2528 [FIN, ACK] Seq=771 Ack=386 Win=17135 Len=0" "7", "0.059966", "$CLIENT", "$SERVER1", "TCP", "2528 > http [ACK] Seq=386 Ack=772 Win=65535 Len=0" "8", "0.061655", "$CLIENT", "$SERVER1", "TCP", "2528 > http [FIN, ACK] Seq=386 Ack=772 Win=65535 Len=0" "9", "0.072897", "$CLIENT", "$SERVER2", "TCP", "2529 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460" "10", "0.092607", "$SERVER1", "$CLIENT", "TCP", "http > 2528 [ACK] Seq=772 Ack=387 Win=17135 Len=0" "11", "0.131989", "$SERVER2", "$CLIENT", "TCP", "http > 2529 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460" "12", "0.132023", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0" "13", "0.132232", "$CLIENT", "$SERVER2", "HTTP", "GET /career.html HTTP/1.1" "14", "0.500592", "$SERVER2", "$CLIENT", "TCP", "http > 2529 [ACK] Seq=1 Ack=432 Win=65535 Len=0" "15", "75.264719", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 200 OK[Unreassembled Packet]" "16", "75.456533", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=1461 Win=65535 Len=0" "17", "75.536174", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "18", "75.542045", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "19", "75.542106", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=4381 Win=65535 Len=0" "20", "75.619316", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "21", "75.649086", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "22", "75.649130", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=7301 Win=65535 Len=0" "23", "75.650304", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "24", "75.768743", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "25", "75.768797", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=10221 Win=65535 Len=0" "26", "75.774518", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "27", "75.781763", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "28", "75.781813", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=13141 Win=65535 Len=0" "29", "75.860465", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "30", "75.860505", "$SERVER2", "$CLIENT", "HTTP", "Continuation or non-HTTP traffic" "31", "75.860531", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=432 Ack=14740 Win=63936 Len=0" "32", "75.947541", "$CLIENT", "$SERVER2", "TCP", "2545 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460" "33", "75.948074", "$CLIENT", "$SERVER2", "TCP", "[TCP Window Update] 2529 > http [ACK] Seq=432 Ack=14740 Win=65535 Len=0" "34", "76.023714", "$SERVER2", "$CLIENT", "TCP", "http > 2545 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460" "35", "76.023760", "$CLIENT", "$SERVER2", "TCP", "2545 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0" "36", "76.023990", "$CLIENT", "$SERVER2", "HTTP", "GET /pgformat.css HTTP/1.1" "37", "76.107126", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "38", "76.116437", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/header1.jpg HTTP/1.1" "39", "76.129076", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/header_bk.jpg HTTP/1.1" "40", "76.176956", "$CLIENT", "$SERVER3", "TCP", "2546 > http [SYN] Seq=0 Ack=0 Win=65535 Len=0 MSS=1460" "41", "76.222303", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "42", "76.223850", "$CLIENT", "$SERVER2", "HTTP", "GET /flash/slogon.swf HTTP/1.1" "43", "76.250954", "$SERVER3", "$CLIENT", "TCP", "http > 2546 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460" "44", "76.251007", "$CLIENT", "$SERVER3", "TCP", "2546 > http [ACK] Seq=1 Ack=1 Win=65535 Len=0" "45", "76.251245", "$CLIENT", "$SERVER3", "HTTP", "GET /cdg_logos/copyright_ff9900.gif HTTP/1.1" "46", "76.293403", "$SERVER2", "$CLIENT", "TCP", "http > 2545 [ACK] Seq=213 Ack=759 Win=65314 Len=0" "47", "76.303854", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "48", "76.304177", "$CLIENT", "$SERVER2", "HTTP", "GET /images/pg_bottom.gif HTTP/1.1" "49", "76.353338", "$SERVER3", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "50", "76.393313", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "51", "76.413685", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/header2.jpg HTTP/1.1" "52", "76.498965", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "53", "76.499959", "$CLIENT", "$SERVER3", "TCP", "2546 > http [ACK] Seq=385 Ack=212 Win=65324 Len=0" "54", "76.507137", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/email.gif HTTP/1.1" "55", "76.599168", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "56", "76.600969", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/right1.gif HTTP/1.1" "57", "76.684247", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "58", "76.686245", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_home.gif HTTP/1.1" "59", "76.774443", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "60", "76.776175", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_about.gif HTTP/1.1" "61", "76.856635", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "62", "76.858353", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_vending.gif HTTP/1.1" "63", "76.933925", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "64", "76.995914", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_market.gif HTTP/1.1" "65", "77.184927", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "66", "77.185953", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_foodprogram.gif HTTP/1.1" "67", "77.261122", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "68", "77.262928", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_restraurant.gif HTTP/1.1" "69", "77.337958", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "70", "77.339832", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_coffee.gif HTTP/1.1" "71", "77.416408", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "72", "77.418323", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_catering.gif HTTP/1.1" "73", "77.509342", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "74", "77.510428", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_fresh.gif HTTP/1.1" "75", "77.597910", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "76", "77.599973", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_water.gif HTTP/1.1" "77", "77.705225", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "78", "77.716742", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_commisary.gif HTTP/1.1" "79", "77.788906", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "80", "77.791394", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_whats_new.gif HTTP/1.1" "81", "77.866489", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "82", "77.867918", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_coverage.gif HTTP/1.1" "83", "77.944560", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "84", "77.946413", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_career_f2.gif HTTP/1.1" "85", "78.030763", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "86", "78.032679", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_newsletter.gif HTTP/1.1" "87", "78.115318", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "88", "78.117103", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_contactus.gif HTTP/1.1" "89", "78.196407", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "90", "78.197446", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_disclaimer.gif HTTP/1.1" "91", "78.273103", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "92", "78.274977", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_privacy.gif HTTP/1.1" "93", "78.326198", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "94", "78.327992", "$CLIENT", "$SERVER2", "HTTP", "GET /images/inside/right2.gif HTTP/1.1" "95", "78.389657", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "96", "78.446504", "$CLIENT", "$SERVER2", "HTTP", "GET /images/nav_bottom.gif HTTP/1.1" "97", "78.501211", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "98", "78.503722", "$CLIENT", "$SERVER2", "HTTP", "GET /images/spacer.gif HTTP/1.1" "99", "78.556536", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "100", "78.567395", "$CLIENT", "$SERVER2", "HTTP", "GET /images/footer.gif HTTP/1.1" "101", "78.623008", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "102", "78.624759", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_home_f2.gif HTTP/1.1" "103", "78.683142", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "104", "78.684156", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_coffee_f2.gif HTTP/1.1" "105", "78.749428", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "106", "78.750144", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_vending_f2.gif HTTP/1.1" "107", "78.805877", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "108", "78.806892", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_water_f2.gif HTTP/1.1" "109", "78.863364", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "110", "78.864445", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_commisary_f2.gif HTTP/1.1" "111", "78.917696", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "112", "78.920160", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_coverage_f2.gif HTTP/1.1" "113", "78.978912", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "114", "78.979976", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_newsletter_f2.gif HTTP/1.1" "115", "79.055981", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "116", "79.057225", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_contactus_f2.gif HTTP/1.1" "117", "79.134726", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "118", "79.185304", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_disclaimer_f2.gif HTTP/1.1" "119", "79.264596", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "120", "79.265661", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_privacy_f2.gif HTTP/1.1" "121", "79.342586", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "122", "79.343278", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_about_f2.gif HTTP/1.1" "123", "79.427990", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "124", "79.429068", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_fresh_f2.gif HTTP/1.1" "125", "79.501320", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "126", "79.502413", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_restraurant_f2.gif HTTP/1.1" "127", "79.572636", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "128", "79.573721", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_fp_catering_f2.gif HTTP/1.1" "129", "79.646210", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "130", "79.646921", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_market_f2.gif HTTP/1.1" "131", "79.717796", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "132", "79.718906", "$CLIENT", "$SERVER2", "HTTP", "GET /images/button_whats_new_f2.gif HTTP/1.1" "133", "79.787876", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "134", "79.919764", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=17305 Ack=23980 Win=65115 Len=0" "135", "96.110082", "$SERVER2", "$CLIENT", "TCP", "http > 2529 [FIN, ACK] Seq=23980 Ack=17305 Win=65535 Len=0" "136", "96.110132", "$CLIENT", "$SERVER2", "TCP", "2529 > http [ACK] Seq=17305 Ack=23981 Win=65115 Len=0" "137", "127.802900", "$SERVER2", "$CLIENT", "TCP", "http > 2529 [RST] Seq=23981 Ack=4103994242 Win=0 Len=3" "138", "151.148601", "$SERVER2", "$CLIENT", "HTTP", "HTTP/1.1 304 Not Modified" "139", "151.148813", "$CLIENT", "$SERVER3", "TCP", "2546 > http [RST, ACK] Seq=385 Ack=212 Win=0 Len=0" "140", "151.333419", "$CLIENT", "$SERVER2", "TCP", "2545 > http [ACK] Seq=759 Ack=423 Win=65113 Len=0" "141", "167.825445", "$SERVER2", "$CLIENT", "TCP", "http > 2545 [FIN, ACK] Seq=423 Ack=759 Win=65535 Len=0" "142", "167.825483", "$CLIENT", "$SERVER2", "TCP", "2545 > http [ACK] Seq=759 Ack=424 Win=65113 Len=0" "143", "171.148273", "$CLIENT", "$SERVER2", "TCP", "2545 > http [RST, ACK] Seq=759 Ack=424 Win=0 Len=0"
