Skip to main content

TCP Out of Order Packets

More
18 years 1 month ago #17452 by Amit17
TCP Out of Order Packets was created by Amit17
Hi Guys,

I need help decoding a trace. I am seeing lot of tcp OOO, TCP Dup Acks, TCP Previous Segment Lost. Ocassionally, I am seeing TCP Window Update. I am spanning the entire Vlan on a Cisco 6K. So I understand, I will see Duplicate Acks, as my span port is seeing it twice. But how do I explain rest of the messages? Thanks in advance for your help.
More
18 years 1 month ago #17463 by Smurf
Replied by Smurf on topic Re: TCP Out of Order Packets
Had similar issues with this when i did the same thing. It was caused by me spanning the whole VLAN for transmit/receive packets which were screwing the results up.

What does happen when you just span the vlan with one transmit or receive instead of both ?

I do have an article that i get e-mailed to me explaining something which i cannot remember (it was when i raised a TAC with our suppliers). I will try and remember to dig it out when i am in the office

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 10 months ago #19421 by pburdine
Replied by pburdine on topic Re: TCP Out of Order Packets
Did you ever find that article? I am running into a very similar issue here and would like to see it.

Thanks
More
17 years 10 months ago #19422 by Smurf
Replied by Smurf on topic Re: TCP Out of Order Packets
Hehe, knew there was something i needed to do;

Click here here
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.140 seconds