TCP connection failures due to dropped SYN-ACK packets

Solution Verified - Updated -

Issue

The SYN-ACK, the second packet in the TCP 3-way handshake, occasionally appears to be dropped from a Red Hat Enterprise Linux client when connecting to various other servers.

The packet:
- does not show up in tcpdump on the bond or physical interfaces
- does not show up in netstat statistics captured close to the event or /proc/net/dev
- is apparently dropped whether NIC offloading options are enabled or disabled
- is apparently dropped with bonding and firewalls enabled or disabled
- is apparently dropped with old or new firmware on the NIC
- is apparently dropped even after network cards are replaced

Network traces from a sniffer connected to a span port on the edge switch show the packets, but they don't ever seem to reach the kernel of the server.

Environment

  • Red Hat Enterprise Linux 6.4 and 6.5
  • Cisco WS-C4948-10GE edge switch running cat4500-entservicesk9-mz.122-31.SGA9.bin with QoS and/or traffic shaping enabled; no layer 4 management functions enabled
  • Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe - drv tg3 v3.124 / fw FFV7.2.20 bc 5720-v1.25
  • Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe - drv tg3 v3.132 / fw FFV7.2.20 bc 5720-v1.25

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In