Solaris VM Experiencing Frequent Timeouts

Question

We are having an issue with all of our Solaris VMs. The issue we're seeing is frequent timeouts when when connecting via SSH or HTTP. It only seems to affect initial connections... when I connect via SSH it will hang and timeout before I even get the login prompt, however if I CTRL C it and try again it connects just fine.

I logged into the VMware console and ran the snoop command on the Solaris VM to get a packet capture when this occurred. Here is the capture.

My computer is 10.0.0.3 and I removed the hostname of the Solaris VM I'm connecting to.

Based on the packet capture, it looks like the VM sees my first SYN packet, but does not reply, prompting my computer to resend it. It then decides to reply with an ACK packet, which I believe should've been a SYN ACK packet. Then it looks like it sends a SYN ACK packet.

Does anyone know why this is happening? Our Cisco ASA firewall waits 30 seconds and then tears down the connection because of the SYN timeout.

Thanks in advance for any help.

Derek

Answer 1

The latest patch cluster seems to have resolved our issue. The issue is documented here, and was fixed in patch 144489-05.

Thanks for your help.

Answer 2

Your capture lacks information about what else is going on in the network. My first thought whenever I see inexplicable delays in TCP connections is "DNS lookup". This goes double when you're using RFC1918 addresses, because there usually isn't even an rDNS server anywhere to say "bugger off", so the lookups timeout.

My bet is that your VM has misconfigured DNS, and the delay you're seeing is the SSH daemon on the VM going "just who are you?" and waiting for the result. The ^C-retry-success sequence is probably just enough time for the VM to realise it's not going to get an answer and letting you through the second time.

I'll bet a complete capture of traffic to/from/around the VM would show DNS packets going nowhere interesting. Recheck your DNS resolution on the VM, and you'll probably find something useful.