This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Too many FIN_WAIT_2 and Client’s delayed tls encrypted alert followed by server’s fin with Keep-Alive On

0

Hi.

We are using Apache 2.4 and Keep Alive is set to On.

We have too many Fin_Wait_2.

Captured packets are like as following.

---begin of session---

p1. session open

p2. tls handshakes

p3. application data

p4. no packets during 5 seconds

p5. server's fin

p6. client's ack

p7. no packets during 19~79 seconds

p8. client's "Encrypted Alert" and TCP RESET(session close)

---end of session---

p7 is not shown when Keep-Alive is set to Off. (There is not any delay with keep-alive off.)

I need your idea about

  1. p7(state of FinWait2)?
  2. Client's delayed "Encrypted Alert"(p8)?

Thanks.

asked 15 Apr '17, 00:51

impask's gravatar image

impask
6112
accept rate: 0%

keep alive time-out is 5 seconds

(15 Apr '17, 00:59) impask