A customer called today for a strange issue on their Cisco ASA. They have 60Mbit internet connection and a big event is filling the bandwidth. The session graph is what they are worried about:

<img src="https://www.ifconfig.it/images/asa_tcp_sync-300x137.png" alt="">

This is a perfect example of TCP Sync, well explained HERE . The ISP applies a basic rate-limit rule on the router that causes the packet drops.

Since ISP uses a Cisco router as CPE I’ll try to negotiate some QoS policy to avoid the TCP sync behaviour.