Am I losing packets, pls see the attached ColaSoft Capsa screen capture
Hi,
I need advice and translation of what this capture - attached means. This is the situation. I have a windows app that uses a web service on our web server - the web service accesses one of our database servers. Recently it started to ramdomly fail to retrieve data. I cahnged to completey different database server but still the same. I moved web service to another server but still fails randomly. When I say fails I get "An existing connection was forcibly closed by the remote host" In IIS 6 on the server everytime a failure occurs I can see in the logs an entry that has sc-win32-status with a value of 64.
I did an HTTP capture using ColaSoft Capsa (Wireshark seemed too difficult to understand). Now I got loads of TCP duplicated ACKs but I am not sure if they are indicating that there is a packet loss in my network. PLease have a loo at the attached image.
Can someone please comment or give advice here. Please note that when I moved the Web service to my local PC (localhost) IIS it works fine from opther machines in our LAN
Thanks in advance
H
I need advice and translation of what this capture - attached means. This is the situation. I have a windows app that uses a web service on our web server - the web service accesses one of our database servers. Recently it started to ramdomly fail to retrieve data. I cahnged to completey different database server but still the same. I moved web service to another server but still fails randomly. When I say fails I get "An existing connection was forcibly closed by the remote host" In IIS 6 on the server everytime a failure occurs I can see in the logs an entry that has sc-win32-status with a value of 64.
I did an HTTP capture using ColaSoft Capsa (Wireshark seemed too difficult to understand). Now I got loads of TCP duplicated ACKs but I am not sure if they are indicating that there is a packet loss in my network. PLease have a loo at the attached image.
Can someone please comment or give advice here. Please note that when I moved the Web service to my local PC (localhost) IIS it works fine from opther machines in our LAN
Thanks in advance
H
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
any chance of auto negotiated port being mismatched.
Speed is never an issue, but fullduplex/halfduplex can. That will cause massive packetloss on mismatch with sufficient traffic.
In a low traffic situation you will not notice any problems.
Speed is never an issue, but fullduplex/halfduplex can. That will cause massive packetloss on mismatch with sufficient traffic.
In a low traffic situation you will not notice any problems.
ASKER
noci,
Thanks for the response. How would I find out if auto negotiated port is mismatched? I an nmot network savvy, sorry.
For info, applications between my PC and the web server that my problematic web service is running on work fine. Previous tests showed that If I host the web service on my local PC and run the client app on my colleague's PC all works fine (no firewall/router between our PCs)
Thanks for the response. How would I find out if auto negotiated port is mismatched? I an nmot network savvy, sorry.
For info, applications between my PC and the web server that my problematic web service is running on work fine. Previous tests showed that If I host the web service on my local PC and run the client app on my colleague's PC all works fine (no firewall/router between our PCs)
One way to find out is if a tool like netio reports assymetric speeds.
http://www.ars.de/ars/ars.nsf/docs/netio
Another is looking at a interface counters. (lots of short packets (=RUNTS) & CRC errors ) esp. on the FD side.
Issues mostly occur when hubs or hard configured interfaces are used together with auto configured interfaces.
ASKER
What would you do if you were me. Could you give me steps to follow to troubleshoot the issue?
Thanks noci
Thanks noci
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK. The reality is now hitting me... I need to do some learning. I have a key to our server room and admin password but I can only identify servers then I see a firewall box and a couple of boxes that say SuperStack 3300 plus 5 Blackbox server switches boxes. Don't know where the router is. I need to figure out what is what first
I would take IIS out of the equation but include the server where IIS is running in the investigation. IIS seems to be functioning fine and returning iis sc-win32-status of 64 when connection drops
Cheers
H
I would take IIS out of the equation but include the server where IIS is running in the investigation. IIS seems to be functioning fine and returning iis sc-win32-status of 64 when connection drops
Cheers
H
So that what should be done with all components... (I intentionaly added the IIS as a part of the chain, it's easily verifiable.)
OTOH the next step is the server interface, possibly settings on it & firewall settings on the server.
OTOH the next step is the server interface, possibly settings on it & firewall settings on the server.
ASKER
I have recreated my whole service in NET 1.1 and hosted on a different server and also tried on the same server. This suggests possible firewall/router/network issue.
My client has been waiting for too long and I decided to patch it up so I put a retry (up to 5 times when it fails) and it now managed to run 200 times (with those retry machanism). I am going to ahev to leave it at that as I don't have the expertese to troubleshoot the infrastructure and not much time either as my other projects are being delayed by this issue
Many thanks for your input.
I am assuming there is no easy way to get to the end of this but you think there is please let me know
Cheers
H
My client has been waiting for too long and I decided to patch it up so I put a retry (up to 5 times when it fails) and it now managed to run 200 times (with those retry machanism). I am going to ahev to leave it at that as I don't have the expertese to troubleshoot the infrastructure and not much time either as my other projects are being delayed by this issue
Many thanks for your input.
I am assuming there is no easy way to get to the end of this but you think there is please let me know
Cheers
H
No easy way, but try to use this as an excersize, at least it gives you a guide how to drill down .
Learning the properties of your equipment can be beneficial too for other trouble shooting.
Also if you write the paths you start documenting you infra & environment. Which is a huge benefit with future changes...
Learning the properties of your equipment can be beneficial too for other trouble shooting.
Also if you write the paths you start documenting you infra & environment. Which is a huge benefit with future changes...
ASKER
But how do I find the paths? I have no clue. Follow wires?
Follow wires for the switched parts, study switch/host configurations.
IP Path can be fount using f.e. traceroute
nmap is a tool that can find which ports & machines on your network are accessible.
IP Path can be fount using f.e. traceroute
nmap is a tool that can find which ports & machines on your network are accessible.
ASKER
Thank you noci
Where would I find the switch configuration?
Where would I find the switch configuration?
That depends on the switch.
- Unmanagebale switch (there is no config available)
- Web managed switch: point your browser to the ip address of the switch (the address is either hard coded (see manual), or DHCP requested, see reservations log of your DHCP server))
- Possibly you can telnet into the switch, see documentation for your switch.
A hub is more like an unmanaged switch, but all wires are cross connected here there is no packet forwarding, just electric signal forwarding. [ Hence it can only work half duplex as it has no buffers ].
- Unmanagebale switch (there is no config available)
- Web managed switch: point your browser to the ip address of the switch (the address is either hard coded (see manual), or DHCP requested, see reservations log of your DHCP server))
- Possibly you can telnet into the switch, see documentation for your switch.
A hub is more like an unmanaged switch, but all wires are cross connected here there is no packet forwarding, just electric signal forwarding. [ Hence it can only work half duplex as it has no buffers ].
ASKER
Trace records error (before the error there are thousands of lines showing the data retrieved so far)
System.Net Verbose: 0 : [9732] Exiting ConnectStream#42644125::Re
System.Net Verbose: 0 : [9732] ConnectStream#42644125::Re
System.Net Error: 0 : [9732] Exception in the HttpWebRequest#63539872:: - The underlying connection was closed: An unexpected error occurred on a receive.
System.Net Verbose: 0 : [9732] ConnectStream#42644125::Cl
System.Net Verbose: 0 : [9732] Exiting ConnectStream#42644125::Cl
While running the app in the trace sometimes I can get the data 50 times before a failure sometimes it fails first time!! My data sizes have shrunk too. The largest is 2.5MB
No idea what else to try now