TCP Errors/Retransmits Test
Due to network congestion, traffic load balancing, or other unpredictable network behavior, IP packets can be lost. TCP detects these problems, and requests retransmission of lost data. Most often TCP retransmissions have a significant impact on application performance, and will hence have to be kept at a minimum. Using this test, you can determine how often packets sent to/sent by the ADC were retransmitted, and can promptly detect the following:
- What type of packets (Client, Server, SYN, FIN, etc.) were retransmitted the most?
- What is causing the retransmissions - is it a bad network link between the ADC appliance and the virtual server? is it a poor network connection between the client and the ADC appliance? or is it due to an improperly set timeout value for TCP connections?
- Were the retransmissions successful?
- Is any packet received with TCP checksum error?
Target of the test : An ADC VPX/MPX
Agent deploying the test : A remote agent
Outputs of the test : One set of results for the ADC appliance being monitored.
| Parameter | Description |
|---|---|
|
Test Period |
How often should the test be executed. |
|
Host |
The IP address of the host for which the test is being configured. |
|
NetScaler Username and NetScaler Password |
To monitor a ADC device, the eG agent should be configured with the credentials of a user with read-only privileges to the target ADC device. Specify the credentials of such a user in the NetScaler Username and NetScaler Password text boxes. |
|
Confirm Password |
Confirm the ADC Password by retyping it here. |
|
SSL |
The eG agent collects performance metrics by invoking NITRO (ADC Interface Through Restful interfaces and Objects) APIs on the target ADC device. Typically, the NITRO APIs can be invoked through the HTTP or the HTTPS mode. By default, the eG agent invokes the NITRO APIs using the HTTPS mode. This is why, the SSL flag is set to Yes by default. If the target ADC device is not SSL-enabled, then the NITRO APIs can be accessed through the HTTP mode only. In this case, set the SSL flag to No. |
| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
|
Client retransmissions |
Indicates the number of packets that were retransmitted by a client during the last measurement period. |
Number |
The packets are retransmitted when the acknowledgment from the ADC has not reached the client. |
|
Server retransmissions |
Indicates the number of packets that were retransmitted by a server during the last measurement period. |
Number |
The packets are retransmitted when the acknowledgment from the ADC has not reached the server. |
|
Full packet retransmissions |
Indicates the number of full packets (i.e., the packets as it was originally transmitted) retansmitted by the client or the server during the last measurement period. |
Number |
|
|
Partial packet retransmissions |
Indicates the number of partial packets that were retransmitted by a client or server during the last measurement period. |
Number |
Some packets may be lost/dropped during transmission due to network congestion or due to a possible connection failure. When retransmission takes place, the remaining packets will alone be sent by the client/server and such remaining packets are termed as partial packets. |
|
SYN packet retries |
Indicates the number of SYN (synchronize) packets resent to a server during the last measurement period. |
Number |
|
|
FIN packet retries |
Indicates the number of FIN packets resent to a server or client during the last measurement period. |
Number |
|
|
SYN packets timeout |
Indicates the number of SYN packets that were not retransmitted during the last measurement period. |
Number |
The SYN packets may not be retransmitted due to the timeout that occurred while establishing a connection on the ADC. |
|
FIN packets timeout |
Indicates the number of FIN packets that were not retransmitted even after four attempts during the last measurement period. |
Number |
The FIN packets may not be retransmitted due to a connection timeout that may have occurred because of not receiving the ACK packet after retransmitting the FIN packet four times. |
|
TCP retransmissions |
Indicates the number of TCP packets retransmitted during the last measurement period. |
Number |
Ideally, the value of this measure has to be low. |
|
TCP retransmission giveup |
Indicates the number of times the ADC terminates a connection due to non-retransmission of the packets even after seven attempts on that connection during the last measurement period. |
Number |
If the value of this measure is high, you may want to check what is causing the repeated transmission failures. |
|
Fast retransmits |
Indicates the number of TCP packets on which the ADC performs a fast retransmission in response to three duplicate acknowledgements or a partial acknowledgement during the last measurement period. |
Number |
Fast retransmission occurs because the ADC assumes that the packet is lost and retransmits the packet before its time-out. |
|
TCP level client header insertion failure |
Indicates the number of times the TCP level client header insertion failed during the last measurement period. |
Number |
|
|
First retransmissions |
Indicates the number of packets that were retransmitted in the first attempt by the ADC during the last measurement period. |
Number |
If a large number of packets take too long to be successfully retransmitted, you may have to figure out what is causing the repeated retransmission failures and fix it before more packet loss occurs. |
|
Second retransmissions |
Indicates the number of packets that were retransmitted in the second attempt by the ADC during the last measurement period. |
Number |
|
|
Third retransmissions |
Indicates the number of packets that were retransmitted in the third attempt by the ADC during the last measurement period. |
Number |
|
|
Fourth retransmissions |
Indicates the number of packets that were retransmitted in the fourth attempt by the ADC during the last measurement period. |
Number |
|
|
Fifth retransmissions |
Indicates the number of packets that were retransmitted in the fifth attempt by the ADC during the last measurement period. |
Number |
|
|
Sixth retransmissions |
Indicates the number of packets that were retransmitted in the sixth attempt by the ADC during the last measurement period. |
Number |
|
|
Seventh retransmissions |
Indicates the number of packets that were retransmitted in the seventh attempt by the ADC during the last measurement period. |
Number |
|
|
Bad TCP checksum |
Indicates the number of packets that are received with TCP checksum errors. |
Number |
|
|
Data after FIN |
Indicates the number of bytes received following a connection termination request. |
Number |
This error is usually caused by reordering packets during transmission. |
|
SYN in SYN_RCVD state |
Indicates the number of SYN packets received on a connection that is in the SYN_RCVD state. |
Number |
A connection goes into the SYN_RCVD state after receiving a SYN packet. |
|
SYN in established state |
Indicates the number of SYN packets received on a connection that is in the ESTABLISHED state. |
Number |
A SYN packet is not expected on an ESTABLISHED connection |
|
SYN_SENT incorrect ACK packets |
Indicates the number of incorrect ACK packets received on a connection that is in the SYN_SENT state. |
Number |
An incorrect ACK packet is the third packet in the three-way handshake that has an incorrect sequence number. |
|
Reset packets received |
Indicates the number of reset packets received from a client or a server. |
Number |
|
|
Reset on not established |
Indicates the number of reset packets received on a connection that is not in the ESTABLISHED state. |
Number |
|
|
Reset out of window |
Indicates the number of reset packets received on a connection that is out of the current TCP Window |
Number |
|
|
Reset in time waits |
Indicates the number of reset packets received on a connection that is in the TIME_WAIT state. |
Number |
Typically, packets cannot be transferred on a connection in the TIME_WAIT state. Therefore, the value of this measure is desired to be very low. |
|
Client out of order packets |
Indicates the number of out of order TCP packets received from a client. |
Number |
|
|
Server out of order packets |
Indicates the number of out of order TCP packets received from a server. |
Number |
|
|
TCP holes on client connection |
Indicates the number of TCP holes created on a client connection. |
Number |
TCP holes are created on the ADC appliance for each group of missing packets when out of order packets are received from a client. |
|
TCP holes on server connection |
Indicates the number of TCP holes created on a server connection. |
Number |
TCP holes are created on the ADC appliance for each group of missing packets when out of order packets are received from a server. |
|
Sequence number SYN cookie rejects |
Indicates the number of SYN cookie packets rejected due to an incorrect sequence number. |
Number |
|
|
Signature SYN cookie rejects |
Indicates the number of SYN cookie packets rejected due to an incorrect signature. |
Number |
|
|
Sequence number SYN cookie drops |
Indicates the number of SYN cookie packets dropped because the sequence number specified in the packets is outside the current Window. |
Number |
|
|
MSS SYN cookie rejects |
Indicates the number of SYN cookie packets rejected due to the incorrect maximum segment size (MSS) specified in the packets. |
Number |
|
|
Any IP port allocation failures |
Indicates the number of port allocations failed on a mapped IP address. |
Number |
These failures occur when the maximum limit of 65536 has exceeded or the mapped IP address is not configured. |
|
IP port allocation failures |
Indicates the number of port allocations that failed on a subnet IP address or virtual server IP address. |
Number |
These kind of failures occur when the maximum limit of 65536 has exceeded. |
|
Stray packets |
Indicates the number of packets received on a connection whose state is not maintained on the ADC appliance. |
Number |
|
|
Reset packets sent |
Indicates the number of reset packets that are sent to a client or a server. |
Number |
|
|
Bad state connections |
Indicates the number of connections that are not in a valid TCP state. |
Number |
|
|
Reset threshold dropped |
Indicates the number of reset packets dropped due to the violation in default threshold. |
Number |
If the value of this measure increases gradually/suddenly, administrators should reconfigure the default threshold value using the set rate Control command. |
|
Packets out of window |
Indicates the number of packets received which are out of the current advertised Window. |
Number |
|
|
SYNs dropped |
Indicates the number of SYN packets dropped due to network congestion |
Number |
|
