Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

TCP Retransmission/ TCP Dup ACK/ TCP Out-of-Order due to MTU mismatch

 

Information

 

Summary:

A virtual service was configured and seeing TCP Retransmission/ TCP Dup ACK/ TCP Out-of-Order and some errors from the application.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any

Question/Problem Description:

Trying to establish a TLS tunnel through a Virtual Service but it times out. However, when pointing directly to the server, client machine is able to establish the TLS tunnel as expected.

Steps to Reproduce:  
Error Message: "Connection Timeout"
Defect Number:  
Enhancement Number:  
Cause: MTU mismatch on the server side (LoadMaster - Server)
Resolution:
  • We took a packet capture from the LoadMaster to see the traffic flow from the client all the way to the server. The traffic flow is AWS - VIP - Relay servers.
  • The traffic was all encrypted so there was not much to see at the application level.
  • We found out that there was MTU mistmatch between client, LoadMaster, and server. The server's MTU is 1514, the LoadMaster was 9000 and from AWS, it was 9000 as well.
  • We modified the MTU to be the same as the server and this solved the issue for the customer.
Workaround:  
Notes:  

Comments