Imagine someone poses this scenario to you: There is no "known and right" answer here. Its just a brainstorming thing....
A host sitting on a LAN segment can reach a server that sits on a different subnet across a L3 cloud.
The client can hit the WEB server, click on the "contact us" link and its fast.
The client, however, will try to download a file from the WEB server and its real slow, and then eventually dies out.
The question was 'what do you look for'?
The connection shown was a client PC connected to a L2 switch, a router, a WAN connection, another router, a L2 switch, a Firewall, and then the server.
My approach and thinking was the following:
The client can reach the server, so the FW is not blocking it. There is also no asymmetric routing (at least as far as the FW segment is concerned) because the connection is established. If, say, the client's SYN packet was routed through 1 Firewall and the server's SYN-ACK was routed back toward the client but through a different firewall (not shown on the drawing), the connection would never be established.
I also suggested running an extended PING test with an extended packet size of, say, 1400 BYTES, from the client to the server.
The answer given was that the RTT was about 50 or so ms and fluctuating a bit - say, between 50 and 75ms. Nothing significant. Only 1 lost packet here and there...nothing more.
My answer was that if there was anything wrong with the hardware or the integrity of the circuit (lets say a ton of errors on some interfaces), it would have been reflected in the stringent PING test that I recommended.
Moreover, there is nothing wrong with the network's routing because there is no sign of latency and there is no reason to go from L3 hop to L3 hop to check the routing because if some sort of asymmetric routing was causing the problem by routing the traffic intermittently through, say, a 56K connection, that would have been reflected in the continuous, extended PING times.
Was my line of thinking logical or reasonable?