TCP Out-of-Orders and TCP Dup ACK's on Macintosh clients w/ Exchange


I have a strange issue that I am struggling with.  I recently used XenConvert to virtualize a Windows 2003 Server running Exchange 2003.  It is a single server which is accessed via Mac and PC clients.  Ever since I virtualized the server the Mac computers are having connectivity issues.

When I run a Wireshark capture I am seeing TCP Out-of-Order and TCP Dup ACK's.  A way to clearly see this behavior and the network connectivity stall is to open up the webmail and page through e-mails.  You will see the connection stall midpage.  It will usually resume the connection anywhere between 5 and 5 minutes later.

This is causing problems for remote Entourage users and people accessing webmail.

Now here is the strange part:  The issue only affects Mac's (and one of my Linux systems that I tested with).  If you pull up webmail with Internet Explorer on a Windows PC, there are no timeouts, no stalling--everything loads just fine.

I don't THINK it's a hardware issue on the switches or server NIC as Windows has no problems, just the Mac's.  I am able to copy large files via SMB from the Server to the Mac, so it seems to be localized to IIS.

We're running the most recent versions of firmware on the new server.  I am going to perform all Windows updates and see if a patch may resolve this issue.  Can anyone think of a possible reason as to why this would be occuring?

Thanks for any suggestions!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

What speed is your network?  What is the MTU on the Macs. Could be that the MTU is too big on the Macs, and/or that the virtualized Exchange server is failing to handle TCP negotiations properly.

Try setting one Mac to the same MTU as the virtual Exchange server (and possibly also set the MTU on the interface of the "real" host).

Just a guess.

However, if the only thing that changed is your new virtual server, then I would concentrate my investigations around that.
lighthousekeeperAuthor Commented:
I wanted to provide an update on this issue:  The problem actually occurs on a Mac or a PC platform.  What I have found is OWA works fine through Internet Explorer, but any other browser (firefox, Chrome, etc.) we will get intermittent timeouts which makes OWA difficult to use.

As an example, after logging into OWA when you page through your lists of messages it will stop transmitting midway through the list.  It will then finally catch up and finish displaying the page.  Sometimes it completes, sometimes it does not--just hangs.  Wiresharks says TCP Out-of-Orders and Dup ACK's are occurring.  We've replaced out switched (for another reason) and that did not make a difference.

OWA on Internet Explorer seems to be wrapped in Active X (or something) and has a much richer experience versus OWA in Firefox (where the problem occurs).  Is this a clue as to why this could be happening?

The timeout issue DOES happen internally, but it happens RARELY and doesn't seem nearly as severe as when accessing remotely.  If you VPN in remotely and test internally over the VPN, the issue still occurs.  We are replacing the firewall this evening and I will report if that makes any difference.

We're starting to go crazy at this point.  Any suggestions are greatly appreciated!

Well, my suggestion would be to complain to the virtualization provider, complain to Microsoft (you bought support, right ...), and/or move all your stuff to Google and just ditch Exchange.  It's a bloated steaming pile that just wastes resources and doesn't play well with others.

I'm sure that ActiveX uses some backdoor to access Exchange versus other browsers. You could see this pretty easily in Wireshark, I bet.  

I still suspect the TCP stack on the virtual server is somehow getting twisted because of Exchange.

Not what you wanted to hear, but I have nothing more to add.
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

lighthousekeeperAuthor Commented:
Thanks...  I just wanted to add a little more information.

We swapped out our switches and firewall with new ones.

FTP, SMB, Remote Desktop, RPC--these protocols work fine to this server on any platform.

HTTP, HTTPS--these protocols timeout with TCP Dup ACK's, TCP Previous Segment lost, TCP Out of Order.

Downloading via HTTP or HTTPS on Windows PC's works fine.  Mac or Linux PC's we get the timeouts.  I tested the HTTP HTTPS issue directly from the root directory outside of exchange.

I'm think I'm going to contact Microsoft as I believe it is an IIS issue.  What do you think?  Any last ideas?
Yeah, IIS, or possibly the network stack isn't dealing with the network speed.  

Have you tried disabling all firewall/filtering on the server? Perhaps some stateful firewall is inspecting HTTP packets and hosing them.

Maybe try a different network adapter in the server.

Good luck.
lighthousekeeperAuthor Commented:
Problem resolved.  Here is fix:


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.