Out-of-order and DUPs outside of FWSM

Unanswered Question

I have a Java application over SSL that is not performing well outside of our FWSM, and in fact hanging completely in many situations. When I run the application inside the FWSM with Wireshark scanning the traffic, everything looks hunky-dory. Running the same app and scan outside the FWSM shows a very large number of TCP Out-of-order, Previous segment lost, and Dup ACK messages.

Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
amritpatek Thu, 12/13/2007 - 14:49
User Badges:
  • Silver, 250 points or more

This usually happens when the FWSM is working in multi context mode and the incoming and outgoing interfaces for the traffic belong to different context. This happens because the FWSM has to internally loopback the traffic and thus this impacts the performance of the device.


This Discussion