Thursday, November 21, 2019

Dup ACK with multiple SLE/SRE

Up front, I'm not a networks person. My concentration is mostly VSI/VDI and Storage. While dealing with an SCCM issue, I was running a packet capture on my primary NIC. I noticed long strings of DUP Acks with an SLE and SRE. My understanding is this is part of SACK's functionality, with the SLE marking the 'end' of a segment of packets, and the SRE marking the 'start' of another segment of packets. What I am having a hard time understanding is that the SRE is increasing within each subsequent DUP Ack. Then a second set of SLE and SRE appears, then a third, then a fourth. Sorry for the anonymized data, everything here is public IP space, though all in the same campus/LAN.

https://imgur.com/PuQUvok https://imgur.com/OD5JkFT

A little further down, there are long strings of Spurious Retransmissions, Fast retrans, and then regular retrans.

https://imgur.com/3pnLFgJ

Any guidance on why this might be happening or additional data that I could gather to better assist our networks team? The conversation is between a laptop on a wired connection and a server that is virtualized in our datacenter. Networking between here and there passes through a pair of Aruba switches running VRRP and functioning as the SVI for the building VLAN, 2 different pairs of Arista switches also running VRRP, an HA pair of Palo Altos, a pair of Arista top-of-rack switches running VRRP, and finally into the HPE F8 virtual connects and passed off to the VMware layer.
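As an added illustration (not part of the original post), the sketch below models the receiver-side SACK bookkeeping defined in RFC 2018, where each block's left edge (SLE) is the first sequence number of an out-of-order run already received and its right edge (SRE) is the sequence number just past that run. The class name, sequence numbers and 1000-byte segment size are constructed; the model shows the ACK number staying fixed while the SRE grows, and a second SLE/SRE pair appearing after a second loss.

```python
# Added example: simplified RFC 2018 receiver model. All values are constructed.
MAX_BLOCKS = 4  # 40 bytes of TCP options hold 4 SACK blocks (3 with timestamps)

class SackReceiver:
    def __init__(self, rcv_nxt):
        self.rcv_nxt = rcv_nxt   # next in-order byte expected (the ACK number)
        self.blocks = []         # out-of-order runs as (SLE, SRE), newest first

    def receive(self, seq, length):
        """Process one data segment; return (ack, sack_blocks) for the ACK sent."""
        start, end = max(seq, self.rcv_nxt), seq + length
        if end <= self.rcv_nxt:              # nothing new: data already ACKed
            return self.rcv_nxt, self.blocks[:MAX_BLOCKS]
        rest = []
        for sle, sre in self.blocks:
            if sle <= end and start <= sre:  # touches or overlaps: merge runs
                start, end = min(start, sle), max(end, sre)
            else:
                rest.append((sle, sre))
        if start == self.rcv_nxt:            # hole filled: cumulative ACK jumps
            self.rcv_nxt, self.blocks = end, rest
        else:                                # still a hole below this run;
            self.blocks = [(start, end)] + rest  # newest block is listed first
        return self.rcv_nxt, self.blocks[:MAX_BLOCKS]

def trace(rcv_nxt, arrivals, mss=1000):
    """Return the (ack, sack_blocks) pair generated for each arriving segment."""
    rx = SackReceiver(rcv_nxt)
    return [rx.receive(seq, mss) for seq in arrivals]

# Constructed arrival order: segments 1000 and 5000 are lost in transit,
# then retransmitted (1000 first, 5000 second).
ARRIVALS = [2000, 3000, 4000, 6000, 7000, 1000, 5000]

if __name__ == "__main__":
    for seq, (ack, blocks) in zip(ARRIVALS, trace(1000, ARRIVALS)):
        sack = " ".join(f"SLE={l} SRE={r}" for l, r in blocks) or "(no SACK)"
        print(f"rx seq={seq:5d} -> ACK={ack:5d} {sack}")
```

Each ACK that repeats ACK=1000 is what a capture tool labels a duplicate ACK; the hole it points at is the range between the ACK number and the lowest SLE.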


