Solved

TCP DUP ACK and TCP Windows Update

Posted on 2010-08-30
1
1,984 Views
Last Modified: 2012-05-10
I know there have been several questions asked on this topic and I have reviewed them.  

Here is my question.  i am doint a Wireshark capture over two 100/full connections that appear to be clean except for these two flags.  There are no re-transmits or fast re-transmits.  All of the DUP ACK and TCP Window Updates are gernated from my source server out to the server that sends me the data stream.  
Here is how my data flow works.  I connect out from my server to a remote server to start a data stream over a 100/FULL local connection.  Once the stream starts it is only a one way street.  My side is only consuiming the stream.  When I look at the wireshark logs filtered with tcp.analysis.flags it show tons of TCP DUP ACK errors from my side to the feed side.  I have changed my buffers on my NIC and various other items.  Is there anything that I am missing?  I have verified my switch logs and everything is clean there also.
0
Comment
Question by:ericluoma
1 Comment
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 33568308
Depending on your mirroring topology and where exactly you are capturing from, you could simply be seeing the same ACKs twice. For example if you were capturing on links both in and out of a switch. Usually this would mean seeing all packets twice but again, it's possible to see one side once and the other side twice. Think it through and make changes as required.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now