Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 312
  • Last Modified:

Troubleshooting network/app connection failure

Hi

We have a Windows 2003 Server running an application. The server is at 192.168.1.1 and is named server1.domain.com

The app running on the server needs to speak with another host (server2.domain.com) at 192.168.1.2, however whenever I try to open the app I get the following error: "cannot reach server2.domain.com"

So I ran Wireshark on Server1, filtered for 192.168.1.2, and can see the following:

1. Server1 > Server2 SYN
2. Server2 > Server1 SYN-ACK
3. Server1 > Server2 ACK

4. Server1 > Server2 > PSH-ACK

5. Server2 > Server1 > FIN, ACK
6. Server1 > Server2 > ACK
7. Server 1> Server2 > FIN, ACK
8. Server2 > Server1 > ACK

How can I find out what and who is causing the connection collapse?
0
neil4933
Asked:
neil4933
  • 5
  • 4
2 Solutions
 
Kamran ArshadIT AssociateCommented:
Hi,

The basic test of pinging from Server1 to Server2 are, and from server2 to server1 is ?
 From your wireshark output, everything seems ok. Please paste a long ping result between the two servers.
0
 
Kamran ArshadIT AssociateCommented:
Also check the windows firewall on both machines, if they are turned ON. Also the external firewall application or firewall device should be checked.
0
 
neil4933Author Commented:
Hi

Thanks for answering.

I did run a long PING earlier - no packets were dropped. Also, no FW's configured on either the servers or in between.

Based on the output of the Wireshark, which server is the one that is terminating the connection, Server1 or Server2?
0
What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

 
Kamran ArshadIT AssociateCommented:
The sequence suggests;

1- Server1 sends a SYN packet to server2
2- Server2 sends back the ACK (Acknowledgment) of SYN
3- Server1 send ACK of the SYN-ACK

After this the connection is established and actual data transfer has started.

4- PSH - Push function, causes the Server1 to push all unsent data to the server2 rather than sends segments when it gets around to them i.e. when the buffer is full.
5- FIN - End of data transfer initiated by the server2 with ACK on 6,7,8

The below link can be helpful for you to understand. I suspect a firewall or application level error. The Network is smooth once the ping is stable.
0
 
Kamran ArshadIT AssociateCommented:
0
 
neil4933Author Commented:
Thanks...

Regarding this;

5. Server2 > Server1 > FIN, ACK
6. Server1 > Server2 > ACK
7. Server 1> Server2 > FIN, ACK
8. Server2 > Server1 > ACK


I always though that there would be a FIN (from the server initiating the termination), following by a FIN,ACK, then ACK.

Not straight to FIN,ACK and then ACK?

[hope that makes sense]
0
 
Kamran ArshadIT AssociateCommented:
Can you share the portion of code on application at server1, which the application calls to connect to the server2?
0
 
rfc1180Commented:
>I always though that there would be a FIN (from the server initiating the termination), following by a FIN,ACK, then ACK.

Nope, there can be a three way termination and this is the most common method.
What you should have seen is that when host A sends a FIN, host B replies back with a FIN & ACK (merely combines 2 steps into one) and then host A replies with an ACK.

As long as you are connecting via a 3 way handshake and the fact that the session is terminating with FIN and ACKs indicates that the port is open, listening and is able to accept and process connections. So it does not appear to be a firewall issue.

What protocol are you using for the communication (RDP, web application, etc)
What is in the path between the servers.
Are you able to post the contents of the packet capture, there is so much we can do with a picture of what is going on.

Billy
0
 
neil4933Author Commented:
Please see attached.

There is nothing in the path between the servers, just routers.

I think one of the servers is terminating the connection but not sure which one?
FIN.doc
0
 
neil4933Author Commented:
Any word guys?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now