Hello, I have each day some looses of connection (+-10) between a supervision program on a server and a device. I have put a wireshark to analyse this problem and here is what i get when the loose of connection happens : TCP ACKed unseen segment. (ip.src=server and ip.dest=device) TCP Previous segment not captured.(ip.src=device and ip.dest=host) TCP Keep-Alive. (from device to server) TCP Keep-Alive ACK. (from server to device)
Where does this problem could come from ? Thanks in advance. asked 05 Dec '16, 03:09  Stabuloosh |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
Can you provide a packet capture via Cloudshark? Or at minimum, a screenshot with much more data that's not broken up into parts for Server and Device?
There's not much here to go with right now. It looks like Server needs to send some data to Device every so often, and it may happen so infrequently that Device needs to send a Keepalive. A whole packet capture can help provide more context on this and help figure out the problem. For example, if you're losing TCP connections, you should be seeing the TCP FIN or RST packets. I don't see that in your screenshot.
You can find the capture below.
https://www.cloudshark.org/captures/7176abfd2d92
ip==10.150.10.69 = server
ip==10.150.104.51 = device
Indeed the server (where runs the supervision programm) sends data to the device often to see the state of the device.
Thanks a lot.