MySQL Madness

• Previous message (by thread): OPERATIONAL: Royal Wedding expected to break traffic records
• Next message (by thread): MySQL Madness
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

So I am seeing some interesting behavior of TCP during a MySQL connect over
the network.  The following packets capture shows the packet flow:

asa1# sh capture debug-in
8 packets captured
  1: 21:49:13.461554 8.25.42.100.32929 > 74.81.76.195.3306: S
4107544000:4107544000(0) win 65535 <mss 1380,nop,wscale 3,sackOK,timestamp
2065216038 0>
  2: 21:49:13.462073 74.81.76.195.3306 > 8.25.42.100.32929: S
2601320299:2601320299(0) ack 4107544001 win 5792 <mss 1460,sackOK,timestamp
2581054349 2065216038,nop,wscale 7>
  3: 21:49:13.462210 74.81.76.195.3306 > 8.25.42.100.32929: P
2601320300:2601320363(63) ack 4107544001 win 46 <nop,nop,timestamp
2581054349 2065216038>
  4: 21:49:13.519061 8.25.42.100.32929 > 74.81.76.195.3306: . ack 2601320300
win 8208 <nop,nop,timestamp 2065216096 2581054349>
  5: 21:49:14.135384 8.25.42.100.32929 > 74.81.76.195.3306: P
4107544001:4107544003(2) ack 2601320300 win 8208 <nop,nop,timestamp
2065216712 2581054349>
  6: 21:49:14.135521 74.81.76.195.3306 > 8.25.42.100.32929: . ack 4107544003
win 46 <nop,nop,timestamp 2581055023 2065216712>
  7: 21:49:16.461981 74.81.76.195.3306 > 8.25.42.100.32929: P
2601320300:2601320363(63) ack 4107544003 win 46 <nop,nop,timestamp
2581057349 2065216712>
  8: 21:49:16.618147 8.25.42.100.32929 > 74.81.76.195.3306: . ack 2601320363
win 8208 <nop,nop,timestamp 2065219195 2581057349>
8 packets shown

Packet "1" is Syn from MySQL client to Server
Packet "2" is Syn/Ack from Server
Packet "3" is a TCP Push!  ??? HERE IS WHERE I AM CONFUSED
Packet "4" is the Ack from the client completing the 3-way hand shake.

My firewall is dropping packet "3" as it is not happy there is a push going
on before it sees the completed handshake.  Anybody run across this?  Is the
a MySQL option for a faster connection?

Finally the firewall is a Cisco ASA and the "TCP Normalization" feature is
dropping the packet.  Specifically is the "tcp-3whs-failed" rule that is
being offended.  I cannot seem to figure out a way to turn this off?

Thanks for the help.

Cheers,

-- 
Joe Renwick
IP Network Consultant, CCIE #16465
GO NETFORWARD!
Direct: 619-800-2055, Emergency Support: 800-719-0504
Is your network moving you forward?

• Previous message (by thread): OPERATIONAL: Royal Wedding expected to break traffic records
• Next message (by thread): MySQL Madness
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]