Out-of-order and DUPs outside of FWSM

Unanswered Question

I have a Java application over SSL that is not performing well outside of our FWSM, and in fact hanging completely in many situations. When I run the application inside the FWSM with Wireshark scanning the traffic, everything looks hunky-dory. Running the same app and scan outside the FWSM shows a very large number of TCP Out-of-order, Previous segment lost, and Dup ACK messages.

Any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Thu, 12/13/2007 - 14:49

This usually happens when the FWSM is working in multi context mode and the incoming and outgoing interfaces for the traffic belong to different context. This happens because the FWSM has to internally loopback the traffic and thus this impacts the performance of the device.

Actions

This Discussion