Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 903
  • Last Modified:

TCP Bandwidth hog - Out of Order & Retransmission packets

I have one user who when they connect to the VPN at home or connect their laptop to a remote office location (which has VPN tunnel appliance to appliance setup) they are creating a bottleneck of TCP traffic - almost 1MB/min back and forth to the server - most of which is TCP Out of Order or TCP Retransmission packets.  I've played with MTU on her laptop and that doesn't seem to do anything.  Thought it was tied to her wireless adapter but tested with card disabled and on LAN line and still same issue.  Attached you can see the packets - that is all within 2 seconds.  All our VPN users share a 3MB upload from the server - so this is really taking a chunk of bandwidth from all the other VPN/Remote users (10-15 of them).   Does anyone have ANY ideas??
Sharon-Traffic.jpg
0
VersaliftEast
Asked:
VersaliftEast
  • 3
  • 3
1 Solution
 
JohnBusiness Consultant (Owner)Commented:
One very likely explanation is that the user has a virus that is sending traffic out.

It could be Windows Updates and/or Antivirus updates causing this, but this traffic would diminish in time.

Check the machine thoroughly for malware and viruses.
0
 
VersaliftEastAuthor Commented:
I did run a full scan with our business AVG AV and also a bitdefender.  neither found anything.   That was my 1st thought too.  I don't see anything weird running in the processes list in the task manager.   Do you have any AV/MW tools you usually use that I should look into instead?  This has been going on for weeks now.
0
 
JohnBusiness Consultant (Owner)Commented:
With respect to viruses, you can run Malwarebytes (malwarebytes.org). AVG is decent but not the best antivirus suite.

Another thing to try is to set up a different Windows User Account (Profile) and set up VPN in the new profile. Does traffic occur in the new profile?  It could be profile corruption causing the problem.

Outlook OST lives in the user account. Is it syncing (caching) properly?  Again, a different Windows Profile will help narrow this down.
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
VersaliftEastAuthor Commented:
Thanks John I will try the new profile option and see what happens there.  Its hard as she doesn't have much down time so not sure when I will get to try this.
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Did you try to analyze to which paths the CIFS request (port 445) went? If they are different, a new profile should help much (as no tries to contact different network paths should be made then).
0
 
VersaliftEastAuthor Commented:
It did end up being a corrupt profile.  Had issues removing the domain profile completely and adding it back in - a few files from the old profile did not want to be removed.  But finally was successful and no more crazy bandwidth hogging the VPN tunnels!  Thank you!
0
 
JohnBusiness Consultant (Owner)Commented:
@VersaliftEast - Thank you for the update and I was happy to help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now