Leave a Comment:
(5) comments
I knew how important in troubleshooting it is to have traces from both sides but I never had in mind that using realtive Seq Numbers in Wireshark, could make me blind for issues like this.
Another brilliant investigation!
learned a lot – many thanks.
regards
Helmuth
Why was it affecting only one-way traffic?
This firewall had to do the same thing in both directions (or no?)..
Or maybe other-way traffic was flawing by another path without that device?
Thanks for the video!
Reply@Vladimir: I believe this problem only affected the server-to-client direction was because the packet that got lost (dropped) was headed that direction. So the SACKs + Duplicate ACKs only needed to be used in that direction to get the server to resend the missing segment but not the rest of the subsequent TCP data that the client successfully received (and SACKed).
Reply