I am using Ubuntu 8.04 an madscientist's script to connect to a vpn. It works for awhile (usually 30s or so) and then the connection dies. My ssh session freezes. Below is the packet sequence that I captured using Wireshark. Everything looks good until the TCP Retransmissions and the TCP CHECKSUM INCORRECT errors start around packet 7914. Could someone please look at this and give me some insight? I am really stumped. Thank you!
The Wireshark logs: (see attached screenshot, too)
Code:
No. Time Source Destination Protocol Info
7905 38.299327 192.168.74.16 172.20.49.156 TCP 33472 > ssh [ACK] Seq=5241 Ack=1600384 Win=171264 Len=0 TSV=15622614 TSER=4170538983
7906 38.301442 208.70.66.53 192.168.1.103 TLSv1 Application Data
7907 38.301491 172.20.49.156 192.168.74.16 SSHv2 Encrypted response packet len=208
7908 38.301507 192.168.74.16 172.20.49.156 TCP 33472 > ssh [ACK] Seq=5241 Ack=1600592 Win=171264 Len=0 TSV=15622615 TSER=4170538986
7909 38.305724 208.70.66.53 192.168.1.103 TLSv1 Application Data
7910 38.305772 192.168.1.103 208.70.66.53 TCP 53441 > https [ACK] Seq=64738 Ack=1772123 Win=694144 Len=0
7911 38.305822 172.20.49.156 192.168.74.16 SSHv2 Encrypted response packet len=288
7912 38.305845 192.168.74.16 172.20.49.156 TCP 33472 > ssh [ACK] Seq=5241 Ack=1600880 Win=171264 Len=0 TSV=15622616 TSER=4170538991
7913 38.390166 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7914 38.556029 192.168.1.103 208.70.66.53 TLSv1 [TCP Retransmission] Application Data, Application Data, Application Data, Application Data
7915 39.091052 192.168.1.103 208.70.66.53 TLSv1 [TCP Retransmission] Application Data, Application Data, Application Data, Application Data
7916 39.311862 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7917 39.579176 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1080 Ack=10781 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15622935 TSER=15622435
7918 39.579292 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=10781 Ack=1100 Win=33920 [TCP CHECKSUM INCORRECT] Len=186 TSV=15622935 TSER=15622935
7919 39.579322 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [ACK] Seq=1100 Ack=10967 Win=49536 Len=0 TSV=15622935 TSER=15622935
7920 40.164047 192.168.1.103 208.70.66.53 TLSv1 [TCP Retransmission] Application Data, Application Data, Application Data, Application Data
7921 40.336134 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7922 41.579175 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1100 Ack=10967 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15623435 TSER=15622935
7923 41.579297 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=10967 Ack=1120 Win=33920 [TCP CHECKSUM INCORRECT] Len=186 TSV=15623435 TSER=15623435
7924 41.579323 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [ACK] Seq=1120 Ack=11153 Win=49536 Len=0 TSV=15623435 TSER=15623435
7925 41.651754 192.168.1.103 72.14.223.19 TLSv1 Encrypted Alert
7926 41.651786 192.168.1.103 72.14.223.19 TCP 39213 > https [FIN, ACK] Seq=1375 Ack=13630 Win=37632 Len=0 TSV=15623453 TSER=2375551429
7927 41.652012 192.168.1.103 64.233.167.83 TLSv1 Encrypted Alert
7928 41.652030 192.168.1.103 64.233.167.83 TCP 53046 > https [FIN, ACK] Seq=2301 Ack=14385 Win=40448 Len=0 TSV=15623453 TSER=1775196206
7929 41.652190 192.168.1.103 209.85.133.136 TCP 43192 > http [FIN, ACK] Seq=1 Ack=1 Win=69 Len=0 TSV=15623453 TSER=2446663484
7930 41.769660 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7931 41.891032 192.168.1.103 209.85.133.136 TCP 43192 > http [FIN, ACK] Seq=1 Ack=1 Win=69 Len=0 TSV=15623513 TSER=2446663484
7932 41.915023 192.168.1.103 72.14.223.19 TLSv1 [TCP Retransmission] Encrypted Alert
7933 42.308053 192.168.1.103 208.70.66.53 TLSv1 [TCP Retransmission] Application Data, Application Data, Application Data, Application Data
7934 42.375116 192.168.1.103 209.85.133.136 TCP 43192 > http [FIN, ACK] Seq=1 Ack=1 Win=69 Len=0 TSV=15623633 TSER=2446663484
7935 42.443120 192.168.1.103 72.14.223.19 TLSv1 [TCP Retransmission] Encrypted Alert
7936 42.793741 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7937 43.331053 192.168.1.103 209.85.133.136 TCP 43192 > http [FIN, ACK] Seq=1 Ack=1 Win=69 Len=0 TSV=15623873 TSER=2446663484
7938 43.500368 192.168.1.103 72.14.223.19 TLSv1 [TCP Retransmission] Encrypted Alert
7939 43.579107 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1120 Ack=11153 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15623935 TSER=15623435
7940 43.579185 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=11153 Ack=1140 Win=33920 [TCP CHECKSUM INCORRECT] Len=186 TSV=15623935 TSER=15623935
7941 43.579201 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [ACK] Seq=1140 Ack=11339 Win=49536 Len=0 TSV=15623935 TSER=15623935
7942 43.715411 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7943 45.251051 192.168.1.103 209.85.133.136 TCP 43192 > http [FIN, ACK] Seq=1 Ack=1 Win=69 Len=0 TSV=15624353 TSER=2446663484
7944 45.353940 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7945 45.580189 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1140 Ack=11339 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15624435 TSER=15623935
7946 45.580491 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=11339 Ack=1160 Win=33920 [TCP CHECKSUM INCORRECT] Len=186 TSV=15624435 TSER=15624435
7947 45.580527 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [ACK] Seq=1160 Ack=11525 Win=49536 Len=0 TSV=15624435 TSER=15624435
7948 45.611054 192.168.1.103 72.14.223.19 TLSv1 [TCP Retransmission] Encrypted Alert
7949 46.378063 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7950 46.595129 192.168.1.103 208.70.66.53 TLSv1 [TCP Retransmission] Application Data, Application Data, Application Data, Application Data
7951 47.299602 Cisco-Li_19:e0:b6 ARP Who has 192.168.1.103? Tell 192.168.1.1
7952 47.580164 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1160 Ack=11525 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15624935 TSER=15624435
7953 47.580283 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=11525 Ack=1180 Win=33920 [TCP CHECKSUM INCORRECT] Len=640 TSV=15624935 TSER=15624935
7954 47.580318 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [PSH, ACK] Seq=1180 Ack=12165 Win=49536 [TCP CHECKSUM INCORRECT] Len=20 TSV=15624935 TSER=15624935
7955 47.580383 127.0.0.1 127.0.0.1 TCP 4242 > 33405 [PSH, ACK] Seq=12165 Ack=1200 Win=33920 [TCP CHECKSUM INCORRECT] Len=186 TSV=15624935 TSER=15624935
7956 47.619122 127.0.0.1 127.0.0.1 TCP 33405 > 4242 [ACK] Seq=1200 Ack=12351 Win=49536 Len=0 TSV=15624945 TSER=15624935
Bookmarks