TCP sync on ASA

A customer called today for a strange issue on their Cisco ASA. They have 60Mbit internet connection and a big event is filling the bandwidth. The session graph is what they are worried about:

This is a perfect example of TCP Sync, well explained HERE. The ISP applies a basic rate-limit rule on the router that causes the packet drops.

Since ISP uses a Cisco router as CPE I’ll try to negotiate some QoS policy to avoid the TCP sync behaviour.

 
comments powered by Disqus