Forum Discussion
TCP SYN Drop ... is this PAWS?
Hello,
One of our customers reported some connections with delayed HTTP response.
And I think I might have bumped into the PAWS TCP SYN Drop problem.
At some point connections going from the LTM to the pool servers will have the TSval Timestamp in the past and the server will not answer with the SYN ACK until after the 3rd retransmission. The last retransmission from the F5 has no Timestamp and then server will answer with the SYN ACK. I have attached a sanitized wireshark snapshot. I have captured the Client Side SYN from CLient to VIP and the Server Side connection initiation from the LTM to the pool server.
On this image the Client IP ends in .62, the VIP is 146, and pools server is 10.20.1.24.
All comments and suggestions are welcome.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com