Reporting on bad TCP connections with ExtremeAnalytics

  • 0
  • 1
  • Question
  • Updated 1 year ago
  • Answered
Some users are reporting slowness with an online service we use, they complained to that service and were instantly told it was their computers. I saw this and rubbed my hands at the thought of using ExtremeAnalytics to prove them wrong, but everything looked alright.

So I fired up wireshark and saw that sometimes the webserver would just stop responding after SSL was negotiated; from what I can tell, these flows never made it into the Analytics flows. Is this expected behaviour?

Additionally, the server (which is actually a DDoS prevention front-end I believe) keeps the connection alive for a few minutes, so subsequent HTTPS requests go over the same connection, thus hiding a 2.5 second response time as it's not a new flow, but I doubt there's much way to identify this programmatically.

Photo of James A

James A, Embassador

  • 6,542 Points 5k badge 2x thumb

Posted 1 year ago

  • 0
  • 1
Photo of Dudley, Jeff

Dudley, Jeff, Employee

  • 914 Points 500 badge 2x thumb
Hi James,

Sorry for the late reply.  As of right now, this is functioning as expected.  We will calculate the time values based on the first tcp packets syn/syn ack and the first data packet exchange.  We don't have a mechanism right now to constantly monitor a session once connected.

Thanks and regards
Jeff