This is our old Q&A Site. Please post any new questions and answers at

We have this application that we use to grab information from one SQL Server and do some calculations and so on, then put information into another SQL Server. We have been having some issues with it lately where it just stops working. Originally I had found duplicate SPNs and removed the dups and the application started working. now it stopped again. I ran wireshark on the workstation that uses this application and I'm seeing a lot of bad TCP. can someone help me figure out what all this means?

Capture File

alt text

asked 30 Sep '15, 07:45

ThompsonAdmin's gravatar image

accept rate: 0%

edited 30 Sep '15, 13:09

What do you exactly mean with "bad TCPs"

Do you mean the TCP Keep alive packets?

(30 Sep '15, 12:28) Christian_R

i mean its highlighted with black background and red text by keep alive i guess i'm refering to this... tcp.analysis.keep_alive

(30 Sep '15, 13:08) ThompsonAdmin

Ok. That is no real error. If for a defined period (could be mostly configured and this case 30 sec.) no segements had beeen received then the stacks probes if the session is still alive with so called "TCP-KEEP-ALLIVES" You can identify the frames by their SEQ number, because it is "SEQ Number of TCP-KEEP-ALLIVE = Expected SEQ Number - 1" .

So it will tell the system that it is still waiting.

permanent link

answered 30 Sep '15, 13:37

Christian_R's gravatar image

accept rate: 16%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 30 Sep '15, 07:45

question was seen: 2,053 times

last updated: 30 Sep '15, 13:37

p​o​w​e​r​e​d by O​S​Q​A