TCP Chat: Warnings and Notes

I am analysing a TCP Chat between workstations and a HTTP server (

I have noticed that some users have gotten problems to access the HTTP Server. So slow to put or get image files.

The communication way is the following:

Workstation -> router -> MPLS network -> router -> firewall -> packeteer -> router -> MPLS network -> router -> HTTP Server (

In the last traffic captured (in 10 minutes), I got the following notifications:

- 3850 TCP Chats

- 201 Warnings: like "TCP Previous segment lost", "TCP out of order segment"

- 586 Notes: like "TCP Dupl ACK", "TCP Retransmission"

Is that OK or do I have to improve the network ?

I think that the server is not supporting so many connections.

I saw that some ICMP packets was lost (1 or 2%) when I start a ping from firewall -> router -> MPLS network -> workstation

Please, help me in this issue.


Check the MTU settings on the workstations, also capture a typical tcp session to the server and see what MSS is being negotiated, then make sure the MTU along the path is higher than the MSS.


MSS and MTU is not modified.

I have seen other things:

There is QoS only for AF11 and AF12 to all kind of protocols.

I think the application of the user must have a specific QoS (priority).

What do you think?

Is fault of QoS a possible chance of dup ACK, retransmission and TCP out of order in the network?

it could be the QoS policy is dropping, or remarking packets at a certain level to drop later!

You need to have a look at the config end to end!


