• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1668
  • Last Modified:

TCP Out-of-Orders and TCP Dup ACK's on Macintosh clients w/ Exchange

Hi,

I have a strange issue that I am struggling with.  I recently used XenConvert to virtualize a Windows 2003 Server running Exchange 2003.  It is a single server which is accessed via Mac and PC clients.  Ever since I virtualized the server the Mac computers are having connectivity issues.

When I run a Wireshark capture I am seeing TCP Out-of-Order and TCP Dup ACK's.  A way to clearly see this behavior and the network connectivity stall is to open up the webmail and page through e-mails.  You will see the connection stall midpage.  It will usually resume the connection anywhere between 5 and 5 minutes later.

This is causing problems for remote Entourage users and people accessing webmail.

Now here is the strange part:  The issue only affects Mac's (and one of my Linux systems that I tested with).  If you pull up webmail with Internet Explorer on a Windows PC, there are no timeouts, no stalling--everything loads just fine.

I don't THINK it's a hardware issue on the switches or server NIC as Windows has no problems, just the Mac's.  I am able to copy large files via SMB from the Server to the Mac, so it seems to be localized to IIS.

We're running the most recent versions of firmware on the new server.  I am going to perform all Windows updates and see if a patch may resolve this issue.  Can anyone think of a possible reason as to why this would be occuring?

Thanks for any suggestions!
0
lighthousekeeper
Asked:
lighthousekeeper
  • 3
  • 3
1 Solution
 
et01267Commented:
What speed is your network?  What is the MTU on the Macs. Could be that the MTU is too big on the Macs, and/or that the virtualized Exchange server is failing to handle TCP negotiations properly.

Try setting one Mac to the same MTU as the virtual Exchange server (and possibly also set the MTU on the interface of the "real" host).

Just a guess.

However, if the only thing that changed is your new virtual server, then I would concentrate my investigations around that.
0
 
lighthousekeeperAuthor Commented:
I wanted to provide an update on this issue:  The problem actually occurs on a Mac or a PC platform.  What I have found is OWA works fine through Internet Explorer, but any other browser (firefox, Chrome, etc.) we will get intermittent timeouts which makes OWA difficult to use.

As an example, after logging into OWA when you page through your lists of messages it will stop transmitting midway through the list.  It will then finally catch up and finish displaying the page.  Sometimes it completes, sometimes it does not--just hangs.  Wiresharks says TCP Out-of-Orders and Dup ACK's are occurring.  We've replaced out switched (for another reason) and that did not make a difference.

OWA on Internet Explorer seems to be wrapped in Active X (or something) and has a much richer experience versus OWA in Firefox (where the problem occurs).  Is this a clue as to why this could be happening?

The timeout issue DOES happen internally, but it happens RARELY and doesn't seem nearly as severe as when accessing remotely.  If you VPN in remotely and test internally over the VPN, the issue still occurs.  We are replacing the firewall this evening and I will report if that makes any difference.

We're starting to go crazy at this point.  Any suggestions are greatly appreciated!

0
 
et01267Commented:
Well, my suggestion would be to complain to the virtualization provider, complain to Microsoft (you bought support, right ...), and/or move all your stuff to Google and just ditch Exchange.  It's a bloated steaming pile that just wastes resources and doesn't play well with others.

I'm sure that ActiveX uses some backdoor to access Exchange versus other browsers. You could see this pretty easily in Wireshark, I bet.  

I still suspect the TCP stack on the virtual server is somehow getting twisted because of Exchange.

Not what you wanted to hear, but I have nothing more to add.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
lighthousekeeperAuthor Commented:
Thanks...  I just wanted to add a little more information.

We swapped out our switches and firewall with new ones.

FTP, SMB, Remote Desktop, RPC--these protocols work fine to this server on any platform.

HTTP, HTTPS--these protocols timeout with TCP Dup ACK's, TCP Previous Segment lost, TCP Out of Order.

Downloading via HTTP or HTTPS on Windows PC's works fine.  Mac or Linux PC's we get the timeouts.  I tested the HTTP HTTPS issue directly from the root directory outside of exchange.

I'm think I'm going to contact Microsoft as I believe it is an IIS issue.  What do you think?  Any last ideas?
0
 
et01267Commented:
Yeah, IIS, or possibly the network stack isn't dealing with the network speed.  

Have you tried disabling all firewall/filtering on the server? Perhaps some stateful firewall is inspecting HTTP packets and hosing them.

Maybe try a different network adapter in the server.

Good luck.
0
 
lighthousekeeperAuthor Commented:
Problem resolved.  Here is fix:  

http://support.microsoft.com/kb/904946/

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now