Solved

TCP DUP ACK and TCP Windows Update

Posted on 2010-08-30
1
2,021 Views
Last Modified: 2012-05-10
I know there have been several questions asked on this topic and I have reviewed them.  

Here is my question.  i am doint a Wireshark capture over two 100/full connections that appear to be clean except for these two flags.  There are no re-transmits or fast re-transmits.  All of the DUP ACK and TCP Window Updates are gernated from my source server out to the server that sends me the data stream.  
Here is how my data flow works.  I connect out from my server to a remote server to start a data stream over a 100/FULL local connection.  Once the stream starts it is only a one way street.  My side is only consuiming the stream.  When I look at the wireshark logs filtered with tcp.analysis.flags it show tons of TCP DUP ACK errors from my side to the feed side.  I have changed my buffers on my NIC and various other items.  Is there anything that I am missing?  I have verified my switch logs and everything is clean there also.
0
Comment
Question by:ericluoma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 33568308
Depending on your mirroring topology and where exactly you are capturing from, you could simply be seeing the same ACKs twice. For example if you were capturing on links both in and out of a switch. Usually this would mean seeing all packets twice but again, it's possible to see one side once and the other side twice. Think it through and make changes as required.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA Deny No Connection PSH ACK, Traffic is dropped 10 91
Router assigned IP addresses 18 108
Node.js 11 79
AT&T sip management portal 7 26
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question