This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Upgraded to Comcast Business Connection, HTTPS Sites Flaky?!

0

I recently upgraded my home connection to Comcast Business class (22Mbps down / 5Mbps down) with a static IP. Since moving from residential to business, my web connection is much, much faster for most pages. However, when loading HTTPS pages, about 75% of the time the request times out or is very, very slow (several seconds).

I had Comcast out a couple of days ago, they replaced the Comcast gateway so it's pretty unlikely it's a flaky modem. They left me with an SMC 8014, and the home router I have connected to it is a Netgear WNDR3700, and all my home machines are plugged into the Netgear. (It doesn't matter which machine I plug into which router, I can pretty reliably reproduce the problem as described.)

I installed Wireshark and after reproducing the problem while capturing the session I see that when this happens my machine is sending multiple retransmissions (TCP RTO) followed by a reset (TCP RST). Everything I can find online about RST tracing deals with the situation where the server is sending the reset packets, but in this case it's my machine.

Unfortunately, I need a little bit of handholding because I'm totally new to Wireshark. I'm a software developer by trade but have never really done anything in this kind of hardcore network admin area. Hopefully someone can help me figure out what's up so I can fix this annoying issue.

Thanks to anyone that can help!

asked 17 Jan '11, 16:40

severoon's gravatar image

severoon
1111
accept rate: 0%

Ok, it seems that it's not just HTTPS traffic after all. For whatever reason, I was only noticing it on those sites before, but when I went to create this capture session normal pages timed out.

I loaded two sites several times, google.com and luxdomo.com. Sometimes they loaded, mostly they timed out. I captured all traffic in the hopes that someone can help me figure out what the heck is going on. (The Comcast people I've spoken with so far aren't worth much...)

~Thank~ you for any info you can provide!

(18 Jan '11, 20:45) severoon

6 Answers:

0

I am fairly certain your client will send the RST when it has plain given up after sending so many unacknowledged retransmission. (It probably should have sent a FIN first though).

If you can make a packet capture available (possible showing a working HTTP and a non-working HTTPS session ) it will be more useful).

answered 17 Jan '11, 16:57

martyvis's gravatar image

martyvis
8911525
accept rate: 7%

0

Looking at the capture I see:

  1. 6 TCP connections which stopped after several unrecovered retransmissions.

    a. 4 connections to several different addresses for each of which there were several retransmissions to the destination followed by an RST when no acks are received.

    [edit] In two of the connections, sending a packet upstream failed after the connection was quiet for more than a minute. There's not enough data in the capture to tell if the other two had the same pattern.

    b. 2 connections in which the retransmissions were from an external address and the acks from the local address were apparently lost going upstream. No RST's/FINs are seen from upstream in this case. (?)

  2. 11 responses of "Request Time-out" from a96-17-159-18.deploy.akamaitechnologies.com (96.17.159.18). (See,for example,frame #790).

    I'm not sure what these are about and whether they are relevant to your issue.

<HTML><HEAD> <TITLE>Request Timeout</TITLE> </HEAD><BODY> <H1>Request Timeout</H1> The server timed out while waiting for the browser's request.<P> Reference&#32;&#35;2&#46;1c0f1160&#46;1295411897&#46;0 </BODY></HTML>

There are RST's associated with each of these.


Based upon the retransmissions I could make a guess that from time to time the uptream path for a connection permanently fails. I don't know why. Firewall issue ?

Perhaps others can provide some thoughts.

Perhaps doing "download & upload tests" (using one of the various test sites available) may provide consistent repeatable failures which you can use to discuss with Comcast.

Also: have you tried ping tests?

answered 19 Jan '11, 08:49

Bill%20Meier's gravatar image

Bill Meier ♦♦
3.2k1850
accept rate: 17%

edited 19 Jan '11, 09:15

Ok, that's about what I was able to conclude...communication just fails for no apparent reason. I will try the download and upload tests and see if I can find anything, but it only seems to happen for certain sites at certain times. With online bandwidth speed tests I've never had a problem.

Ping is another thing that always works.

I can't see as how it could be a firewall issue because I've been using my home router as configured with my residential connection for years with no problem. When Comcast upgraded me to business class a few weeks ago, I now have two routers, theirs and mine...

(19 Jan '11, 18:48) severoon

...and I've shut everything off on theirs. The only thing I can figure is there's some kind of signal problem on their side, or there's some kind of interaction between the two routers.

I'll try plugging my machine directly into the Comcast router and using it that way for awhile, see if I have the same problems...

(19 Jan '11, 18:50) severoon

0

I've seen similar issues when the upstream firewall drops out of order TCP. Cisco could not deal with out of order tcp in CBAC (using inspects) until something like 12.4(11)T.

answered 19 Jan '11, 09:45

Paul%20Stewart's gravatar image

Paul Stewart
3018
accept rate: 6%

0

This is a little off the subject. I have Comcast business in my home and want to switch back to residential. They are holding me hostage. They say I signed a 2 year contract 3 years ago and since I didn't call and cancel on the day the contract was up, I was automatically locked into another two years. Did you sign a contract? They say I have to provide a death certificate or papers from a lawyer saying my business went out of business. My business is too tiny to do this.

I have to admit I didn't have many problems with the internet lately. I did at first, but you pay for tech support. I would call and they would come out that day. Now they just won't let me cancel their service. Any advise? Did anyone else sign a contract?

answered 15 Jun '11, 09:52

curiousknowitall's gravatar image

curiousknowi...
1
accept rate: 0%

0

@curiousknowitall - I just checked my service contract. I signed a 1 year contract, and after it expires I will continue receiving the service without being under contract. If I want to take advantage of any promotional deals they have after that point I would have the option of signing another 1yr contract in order to do that, but I don't have to and I would continue receiving the service.

Something sounds very strange about your deal. If your initial contract expired and you had to sign that one, then they would have to have you re-sign another contract covering a subsequent term. It would be quite an extraordinary contract indeed that you could sign that would commit you to indefinite re-ups. Have them send you a copy of your contract and pull up your own copy, read them thru and see if you can find anything that commits you to automatic re-ups. If you do see something in there that does, it might be worth seeing if you can get a free consult with a lawyer (this is worth doing, there might be a class action suit here...mobile carriers aren't allowed to do what you're describing, I don't see why cable companies would).

If I don't see any language committing me to automatic re-ups, tho, what I would do is send them a letter informing them that you would like to discontinue service as of X day, then sign up for residential service as normal, and if they keep trying to charge business class services to your credit card call up the credit card company and dispute the charge. Provide them the contract and your letter and let their lawyers fight it out with Comcast.

answered 15 Jun '11, 11:09

severoon's gravatar image

severoon
1111
accept rate: 0%

0

@curiousknowitall - I just checked my service contract. I signed a 1 year contract, and after it expires I will continue receiving the service without being under contract. If I want to take advantage of any promotional deals they have after that point I would have the option of signing another 1yr contract in order to do that, but I don't have to and I would continue receiving the service.

Something sounds very strange about your deal. If your initial contract expired and you had to sign that one, then they would have to have you re-sign another contract covering a subsequent term. It would be quite an extraordinary contract indeed that you could sign that would commit you to indefinite re-ups. I would call back and continue escalating to see if you can get a resolution that way. If not, have them send you a copy of your contract and pull your own copy, read them thru and see if you can find anything that commits you to automatic re-ups. If you do see something in there that does, it might be worth seeing if you can get a free consult with a lawyer (this is worth doing, there might be a class action suit here...mobile carriers aren't allowed to do what you're describing, I don't see why cable companies would).

If I don't see any language committing me to automatic re-ups, tho, what I would do is send them a letter informing them that I am discontinuing service as of X day, then sign up for residential service as normal, and if they keep trying to charge business class services to your credit card call up the credit card company and dispute the charge. Provide the credit card company the contract and your letter and let their lawyers fight it out with Comcast. (It would be a good idea to have that letter sent return receipt requested.)

answered 15 Jun '11, 11:11

severoon's gravatar image

severoon
1111
accept rate: 0%