TCP connection failures due to dropped SYN-ACK packets

Solution Verified - Updated -

Issue

The SYN-ACK, the second packet in the TCP 3-way handshake, occasionally appears to be dropped from a Red Hat Enterprise Linux client when connecting to various other servers.

The packet:
- does not show up in tcpdump on the bond or physical interfaces
- does not show up in netstat statistics captured close to the event or /proc/net/dev
- is apparently dropped whether NIC offloading options are enabled or disabled
- is apparently dropped with bonding and firewalls enabled or disabled
- is apparently dropped with old or new firmware on the NIC
- is apparently dropped even after network cards are replaced

Network traces from a sniffer connected to a span port on the edge switch show the packets, but they don't ever seem to reach the kernel of the server.

Environment

  • Red Hat Enterprise Linux 6.4 and 6.5
  • Cisco WS-C4948-10GE edge switch running cat4500-entservicesk9-mz.122-31.SGA9.bin with QoS and/or traffic shaping enabled; no layer 4 management functions enabled
  • Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe - drv tg3 v3.124 / fw FFV7.2.20 bc 5720-v1.25
  • Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe - drv tg3 v3.132 / fw FFV7.2.20 bc 5720-v1.25

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content