TCP connections hang during handshake [closed]TCP Handshake fails on Cisco ASAIs application determined before or after TCP handshake?Is MSS negotiated or exchanged during the 3 way handshakeTCP streams/connectionsCalculating 3 way TCP Handshake DurationRandom intercontinental TCP streams are slowTCP Three Way Handshake?
Find constant that allows an integral to be finite
Is it sportsmanlike to waste opponents' time by giving check at the end of the game?
Dicht antonym - what is it?
A question about relaxation oscillator
Giving a talk on a different topic than what we discussed
"Ich habe Durst" vs "Ich bin durstig": Which is more common?
How to use FDE without needing to share the encryption password
Which fallacy: "If white privilege exists, why did Elizabeth Warren pretend to be an Indian?"
Creating vector (with lines/polygons) from raster based on paper map in QGIS
Decision problems for which it is unknown whether they are decidable
What are standard cryptographic assumptions?
How to present boolean options along with selecting exactly 1 of them as "primary"?
What's an "add" chord?
Can you make monkeys human?
tizk aligning arc between nodes + same length
Warranty on lock damaged during attempted theft
CO₂ level is high enough that it reduces cognitive ability. Isn't that a reason to worry?
At what point in time would humans notice a 21st century satellite observing them?
Why might SHA-384 throughput be lower than SHA-512 throughput in hashcat?
"Chess is 90% tactics" - should a player focus more on tactics in order to improve?
Why did the Bohr Model Successfully calculate some of the energy levels in hydrogen?
Translation Golf XLIX - An Accurate Shot
What do you call someone whose unmarried partner has died?
Making Sandwiches
TCP connections hang during handshake [closed]
TCP Handshake fails on Cisco ASAIs application determined before or after TCP handshake?Is MSS negotiated or exchanged during the 3 way handshakeTCP streams/connectionsCalculating 3 way TCP Handshake DurationRandom intercontinental TCP streams are slowTCP Three Way Handshake?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;
For the last few days, connections originating behind my LAN's NAT have been having issues completing the TCP handshake (i.e. web pages only load after hitting F5 a few times, network applications sometimes timeout when starting, etc.). After a TCP connection is estabilished, everything works fine.
My network configuration is ~20 machines behind an EdgeOS router, which masquerades internal addresses to my ISP's PPPoE endpoint. No updates or configuration changes have been made recently (last 6 months at least). I've excluded NAT port exhaustion, memory exhaustion and my ISP doesn't run CGNAT. The issue presents both on Windows and Linux machines, which means the culprit is most probably the ISP.
The issue at hand is, how do I investigate and document such a problem on my side?
tcp nat
closed as too broad by Ron Maupin♦ Jul 22 at 14:20
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment
|
For the last few days, connections originating behind my LAN's NAT have been having issues completing the TCP handshake (i.e. web pages only load after hitting F5 a few times, network applications sometimes timeout when starting, etc.). After a TCP connection is estabilished, everything works fine.
My network configuration is ~20 machines behind an EdgeOS router, which masquerades internal addresses to my ISP's PPPoE endpoint. No updates or configuration changes have been made recently (last 6 months at least). I've excluded NAT port exhaustion, memory exhaustion and my ISP doesn't run CGNAT. The issue presents both on Windows and Linux machines, which means the culprit is most probably the ISP.
The issue at hand is, how do I investigate and document such a problem on my side?
tcp nat
closed as too broad by Ron Maupin♦ Jul 22 at 14:20
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment
|
For the last few days, connections originating behind my LAN's NAT have been having issues completing the TCP handshake (i.e. web pages only load after hitting F5 a few times, network applications sometimes timeout when starting, etc.). After a TCP connection is estabilished, everything works fine.
My network configuration is ~20 machines behind an EdgeOS router, which masquerades internal addresses to my ISP's PPPoE endpoint. No updates or configuration changes have been made recently (last 6 months at least). I've excluded NAT port exhaustion, memory exhaustion and my ISP doesn't run CGNAT. The issue presents both on Windows and Linux machines, which means the culprit is most probably the ISP.
The issue at hand is, how do I investigate and document such a problem on my side?
tcp nat
For the last few days, connections originating behind my LAN's NAT have been having issues completing the TCP handshake (i.e. web pages only load after hitting F5 a few times, network applications sometimes timeout when starting, etc.). After a TCP connection is estabilished, everything works fine.
My network configuration is ~20 machines behind an EdgeOS router, which masquerades internal addresses to my ISP's PPPoE endpoint. No updates or configuration changes have been made recently (last 6 months at least). I've excluded NAT port exhaustion, memory exhaustion and my ISP doesn't run CGNAT. The issue presents both on Windows and Linux machines, which means the culprit is most probably the ISP.
The issue at hand is, how do I investigate and document such a problem on my side?
tcp nat
tcp nat
edited Jul 22 at 11:40
rrrrrrrrrrrrrrrr
asked Jul 21 at 7:48
rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
1435 bronze badges
1435 bronze badges
closed as too broad by Ron Maupin♦ Jul 22 at 14:20
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
closed as too broad by Ron Maupin♦ Jul 22 at 14:20
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
closed as too broad by Ron Maupin♦ Jul 22 at 14:20
Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. Avoid asking multiple distinct questions at once. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment
|
add a comment
|
1 Answer
1
active
oldest
votes
You state that TCP connections run fine once they get established. That makes a cause on the ISP's network unlikely: ISP routers are usually stateless, so they don't care for layers above the network (IP) layer, and (random) packet loss would impact all packets alike, during and after establishing a connection.
More likely, your NAT router fails to establish new NAT sessions. This may be due to port exhaustion, memory exhaustion or some other system limitation. You should check the router for logged errors and warnings, memory or other resource exhaustion or such.
If router diagnosis doesn't locate the problem you might need to run a packet capture on your NAT router's WAN interface to make sure that TCP SYNs etc. make it across the router. You can also compare that capture to one made on an outside, known-good host. If you're sure that packets make it across your router and don't make it to the ultimate destination, then your ISP needs to answer some questions.
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
|
show 5 more comments
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You state that TCP connections run fine once they get established. That makes a cause on the ISP's network unlikely: ISP routers are usually stateless, so they don't care for layers above the network (IP) layer, and (random) packet loss would impact all packets alike, during and after establishing a connection.
More likely, your NAT router fails to establish new NAT sessions. This may be due to port exhaustion, memory exhaustion or some other system limitation. You should check the router for logged errors and warnings, memory or other resource exhaustion or such.
If router diagnosis doesn't locate the problem you might need to run a packet capture on your NAT router's WAN interface to make sure that TCP SYNs etc. make it across the router. You can also compare that capture to one made on an outside, known-good host. If you're sure that packets make it across your router and don't make it to the ultimate destination, then your ISP needs to answer some questions.
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
|
show 5 more comments
You state that TCP connections run fine once they get established. That makes a cause on the ISP's network unlikely: ISP routers are usually stateless, so they don't care for layers above the network (IP) layer, and (random) packet loss would impact all packets alike, during and after establishing a connection.
More likely, your NAT router fails to establish new NAT sessions. This may be due to port exhaustion, memory exhaustion or some other system limitation. You should check the router for logged errors and warnings, memory or other resource exhaustion or such.
If router diagnosis doesn't locate the problem you might need to run a packet capture on your NAT router's WAN interface to make sure that TCP SYNs etc. make it across the router. You can also compare that capture to one made on an outside, known-good host. If you're sure that packets make it across your router and don't make it to the ultimate destination, then your ISP needs to answer some questions.
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
|
show 5 more comments
You state that TCP connections run fine once they get established. That makes a cause on the ISP's network unlikely: ISP routers are usually stateless, so they don't care for layers above the network (IP) layer, and (random) packet loss would impact all packets alike, during and after establishing a connection.
More likely, your NAT router fails to establish new NAT sessions. This may be due to port exhaustion, memory exhaustion or some other system limitation. You should check the router for logged errors and warnings, memory or other resource exhaustion or such.
If router diagnosis doesn't locate the problem you might need to run a packet capture on your NAT router's WAN interface to make sure that TCP SYNs etc. make it across the router. You can also compare that capture to one made on an outside, known-good host. If you're sure that packets make it across your router and don't make it to the ultimate destination, then your ISP needs to answer some questions.
You state that TCP connections run fine once they get established. That makes a cause on the ISP's network unlikely: ISP routers are usually stateless, so they don't care for layers above the network (IP) layer, and (random) packet loss would impact all packets alike, during and after establishing a connection.
More likely, your NAT router fails to establish new NAT sessions. This may be due to port exhaustion, memory exhaustion or some other system limitation. You should check the router for logged errors and warnings, memory or other resource exhaustion or such.
If router diagnosis doesn't locate the problem you might need to run a packet capture on your NAT router's WAN interface to make sure that TCP SYNs etc. make it across the router. You can also compare that capture to one made on an outside, known-good host. If you're sure that packets make it across your router and don't make it to the ultimate destination, then your ISP needs to answer some questions.
edited Jul 21 at 14:43
answered Jul 21 at 12:21
Zac67Zac67
41.6k2 gold badges28 silver badges79 bronze badges
41.6k2 gold badges28 silver badges79 bronze badges
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
|
show 5 more comments
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
While you have a (very, very) fair point, I did not change anything in the network configuration & I have restarted the router multiple times, and the problem presents immediately after a reboot, which means resource (port, memory, etc.) exhaustion is unlikely. I will do a very simple test this evening: I'm going to route traffic through a different ISP from the same router. If that fails to identify the culprit, I'm going to run the other tests you suggested.
– rrrrrrrrrrrrrrrr
Jul 21 at 18:53
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
@rrrrrrrrrrrrrrrr Nothing in the logs?
– Zac67
Jul 21 at 19:36
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
Nope, nothing of interest.
– rrrrrrrrrrrrrrrr
Jul 21 at 21:21
1
1
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
That first paragraph would only hold if the ISP is not applying CGNAT, right? If this is a new development then that's possibly something that has changed on the ISP end. Of course, if @rrrrrrrrrrrrrrrr is on a business plan that's unlikely - CGNAT is usually residential/consumer only, barring a mixup on the ISP side.
– Bob
Jul 22 at 2:59
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
@bob Absolutely - however even then, resources for carrier-grade NAT should be ample and never run out.
– Zac67
Jul 22 at 6:22
|
show 5 more comments