Solved

Test SYN-ACK

Posted on 2007-11-19
15
1,030 Views
Last Modified: 2012-06-21
Good morning all.  I need to know how to test syn-ack command to see if there is a response.  The problem i have is that a printer is not working at remote site that is controlled in belguim.  One of the lads from has tested it and says he is not getting a response although he can ping the ip.  I need some freeware or a way to be able to test this command as i dont have any access to linux
0
Comment
Question by:dann47
  • 8
  • 5
  • 2
15 Comments
 
LVL 8

Expert Comment

by:ubig
ID: 20311180
You could use Wireshark to trace network packets: http://www.wireshark.org/about.html. It could be an overkill though.
To check if you have SYN-ACK problem you could try to print something and then check your open TCP connections with netstat -na. If your see active TCP sessions with SYN_SENT status it could mean your workstation does not receive ACK.
0
 
LVL 7

Author Comment

by:dann47
ID: 20311248
Thanks, i have tried the netstat approch to no avail.  Be nice if it was a workstation.

Does look a bit overkill for the requirment
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20314965
Can you clarify your comment please? Youy say that the local engineer can ping the device - if it can be pinged, then a reply is being returned. If a reply is being received then syn-ack is pointless.
0
 
LVL 7

Author Comment

by:dann47
ID: 20318302
Ok no problems, thanks for responding.  He has raised a test for an ack response, it is not responded his results as below

Oct 12 05:46:39:     TCP src=4059, dst=9100, seq=2235896744, ack=0, win=65535 SYN
Oct 12 05:46:42: IP: tableid=0, s=172.16.10.23 (Serial0.1), d=192.168.101.153 (FastEthernet0), routed via FIB
Oct 12 05:46:42: IP: s=172.16.10.23 (Serial0.1), d=192.168.101.153 (FastEthernet0), g=192.168.101.153, len 48, forward
Oct 12 05:46:42:     TCP src=4059, dst=9100, seq=2235896744, ack=0, win=65535 SYN
Oct 12 05:46:48: IP: tableid=0, s=172.16.10.23 (Serial0.1), d=192.168.101.153 (FastEthernet0), routed via FIB
Oct 12 05:46:48: IP: s=172.16.10.23 (Serial0.1), d=192.168.101.153 (FastEthernet0), g=192.168.101.153, len 48, forward
Oct 12 05:46:48:     TCP src=4059, dst=9100, seq=2235896744, ack=0, win=65535 SYN
Oct 12 05:46:54: IP: tableid=0, s=172.16.10.20 (Serial0.1), d=192.168.101.153 (FastEthernet0), routed via FIB
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20319589
OK - so he cannot successfully ping the target device.
Interesting that it shows two different source IP's in the three packets sent.

I would be interested in seeing a routing table output and the results of a traceroute from source to destination here.



0
 
LVL 7

Author Comment

by:dann47
ID: 20320191
Yep the head office is in Belguim on a different WAN, i can traceroute quite happily and so can he to the final destinations.
0
 
LVL 7

Author Comment

by:dann47
ID: 20320198
Also he can ping the device, he has proven that to me
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 8

Accepted Solution

by:
ubig earned 500 total points
ID: 20320378
If printer can be pinged but cannot be reached by TCP, I would suggest to check packet filtering on routers between source PC and printer. It is possible that ICMP packets are enabled to pass through but not all TCP ports are.
0
 
LVL 7

Author Comment

by:dann47
ID: 20320450
UBIG, could you expand please, i as i do feel that it is a firewall problem
0
 
LVL 8

Expert Comment

by:ubig
ID: 20320496
Packet filtering is one of technique used by firewalls to restrict network traffic. In reality almost all routers has implemented such a functionality. It is possible to allow some packets to pass through the router and restrict others. If you have firewall between printing PC (or print server if you are using one) and printer itself, that applies to firewall too.

To make sure there are no restriction on TCP or IP level, you should ask your network engineers to check packet filters on each router or firewall between printing PC or print server and printer. You can find out which routers should be checked by issuing command tracert.
0
 
LVL 7

Author Comment

by:dann47
ID: 20320504
Ah process of elimitaion states thought that it only stopped when we installed the new firewall
0
 
LVL 7

Author Comment

by:dann47
ID: 20326253
In the case of printing what kind of packet would i be looking for, in relation to port 9100 - jet direct
0
 
LVL 8

Expert Comment

by:ubig
ID: 20331098
TCP port 9100 is what you should look for. I'm not absolutely sure if that is all you need but your router engineer could log all packets coming back and forth and enable additional ports in case of printing problems by looking at that trace log.
0
 
LVL 8

Expert Comment

by:ubig
ID: 20331110
Here is a reference about TCP port usage for JetDirect: http://aplawrence.com/Jeffl/printports.html
0
 
LVL 7

Author Comment

by:dann47
ID: 20333124
FOund the problem, got one of junipers engineers to diagnose from the information ubig gave me, problem was indeed a router packet filtering issue - Customer's firewall was dropping packets sent to printer on trust side from untrust. Have disabled TCP-syn-check and it's working.

Thanks all for time and advice
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Barracuda Backup Server 5 28
FTP output from Wireshak 6 74
Network Switch Connections 8 52
Disk Configuration - Dell R620 6 63
Convert websphere application server default chained Certificates from 1024 to 2048 keysize or higher size and also you can change signatureAlgorithm . Please make sure Websphere Application Server fixpack 7.0.0.23 or Above. The following steps a…
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now