We have recently installed IIS 6.0 to host our web site
and some clients are having troubles connecting. Seems
when their computer sends a SYN command, IIS 6.0 sends
HTTP traffic instead of the standard ACK back to open the
connection. Can someone help me solve this puzzling
problem?
Here is the sniffer report:
- - - - - - - - - - - - - - - - - - - - Frame 1 - - - - - - - - - - - -
- - - - - - - -
Frame Status Source Destination
Bytes Rel Time
Delta Time Abs time Summary
------------------------------------------------------------------------
------------------------------------------------------------------------
---------------------
1 M [207.181.46.20] [10.247.84.2]
60 0:00:00.000
0.000.000 02/19/2004 02:18:00 PM TCP: D=80 S=11076 SYN SEQ=2633093240
LEN=0 WIN=16384
DLC: ----- DLC Header -----
DLC:
DLC: Frame 1 arrived at 14:18:00.5209; frame size is 60 (003C
hex) bytes.
DLC: Destination = Station 000802ED8A3E
DLC: Source = Station Comda 241BFC
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = ECT bit - transport protocol will ignore the
CE bit
IP: .... ...0 = CE bit - no congestion
IP: Total length = 44 bytes
IP: Identification = 13928
IP: Flags = 4X
IP: .1.. .... = don't fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 56 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = AFA1 (correct)
IP: Source address = [207.181.46.20]
IP: Destination address = [10.247.84.2]
IP: No options
IP:
TCP: ----- TCP header -----
TCP:
TCP: Source port = 11076
TCP: Destination port = 80 (WWW/WWW-HTTP/HTTP)
TCP: Initial sequence number = 2633093240
TCP: Next expected Seq number= 2633093241
TCP: Data offset = 24 bytes
TCP: Reserved Bits: Reserved for Future Use (Not shown in the Hex
Dump)
TCP: Flags = 02
TCP: ..0. .... = (No urgent pointer)
TCP: ...0 .... = (No acknowledgment)
TCP: .... 0... = (No push)
TCP: .... .0.. = (No reset)
TCP: .... ..1. = SYN
TCP: .... ...0 = (No FIN)
TCP: Window = 16384
TCP: Checksum = CF17 (correct)
TCP: Urgent pointer = 0
TCP:
TCP: Options follow
TCP: Maximum segment size = 1380
TCP:
DLC: Frame padding= 2 bytes
- - - - - - - - - - - - - - - - - - - - Frame 2 - - - - - - - - - - - -
- - - - - - - -
Frame Status Source Destination
Bytes Rel Time
Delta Time Abs time Summary
------------------------------------------------------------------------
------------------------------------------------------------------------
---------------------
2 [10.247.84.2] [207.181.46.20]
60 0:00:00.002
0.002.615 02/19/2004 02:18:00 PM HTTP: R Port=11076 Graphics Data
DLC: ----- DLC Header -----
DLC:
DLC: Frame 2 arrived at 14:18:00.5235; frame size is 60 (003C
hex) bytes.
DLC: Destination = Station Comda 241BFC
DLC: Source = Station 000802ED8A3E
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = ECT bit - transport protocol will ignore the
CE bit
IP: .... ...0 = CE bit - no congestion
IP: Total length = 44 bytes
IP: Identification = 13928
IP: Flags = 4X
IP: .1.. .... = don't fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 55 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = B0A1 (correct)
IP: Source address = [10.247.84.2]
IP: Destination address = [207.181.46.20]
IP: No options
IP:
TCP: ----- TCP header -----
TCP:
TCP: Source port = 80 (WWW/WWW-HTTP/HTTP)
TCP: Destination port = 11076
TCP: Sequence number = 1660874055
TCP: Next expected Seq number= 1660874059
TCP: Acknowledgment number = 2634093240
TCP: Data offset = 20 bytes
TCP: Reserved Bits: Reserved for Future Use (Not shown in the Hex
Dump)
TCP: Flags = 10
TCP: ..0. .... = (No urgent pointer)
TCP: ...1 .... = Acknowledgment
TCP: .... 0... = (No push)
TCP: .... .0.. = (No reset)
TCP: .... ..0. = (No SYN)
TCP: .... ...0 = (No FIN)
TCP: Window = 16384
TCP: Checksum = E011 (correct)
TCP: Urgent pointer = 0
TCP: No TCP options
TCP: [4 Bytes of data]
TCP:
HTTP: ----- Hypertext Transfer Protocol -----
HTTP:
HTTP: 1: d
HTTP:
DLC: Frame padding= 2 bytes
- - - - - - - - - - - - - - - - - - - - Frame 3 - - - - - - - - - - - -
- - - - - - - -
Frame Status Source Destination
Bytes Rel Time
Delta Time Abs time Summary
------------------------------------------------------------------------
------------------------------------------------------------------------
---------------------
3 [207.181.46.20] [10.247.84.2]
62 0:00:17.473
17.471.352 02/19/2004 02:18:17 PM TCP: D=80 S=11184 SYN SEQ=94646449
LEN=0 WIN=16384
DLC: ----- DLC Header -----
DLC:
DLC: Frame 3 arrived at 14:18:17.9949; frame size is 62 (003E
hex) bytes.
DLC: Destination = Station 000802ED8A3E
DLC: Source = Station Comda 241BFC
DLC: Ethertype = 0800 (IP)
DLC:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: 000. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = ECT bit - transport protocol will ignore the
CE bit
IP: .... ...0 = CE bit - no congestion
IP: Total length = 48 bytes
IP: Identification = 1643
IP: Flags
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!