TCP Sessions with Missing Packets
Hello Everyone,
We have a situation that one of our AMD is missing the TCP sessions near about 5% and after reviewed we found that few software services created to monitor the applications have 100% missing sessions.
AMD is performing well without any drop packets or running out any other resources.
What could be the issue?
Below screenshots are reference to my question.
Regards,
Babar
Hey Babar - Now I had time to look a little more on you screen - your AMD is also sampling - never good!
https://answers.dynatrace.com/questions/151490/und...
Is it overloaded?
So - most likely the SPAN is the source of your problem. I've posted a couple of times before but it's worth repeating - SPAN has very limited value in a production environment. Your best bet for success is have a target port that is much higher in speed than your source ports, and still you can fail :-) so that's why you should use a TAP instead. http://www.lovemytool.com/blog/2007/08/span-ports-...
In the manual (assuming you are on 12.4)
Hello Ulf,
We have AMD Version: 12.3.8.6 and the below two screenshots are taken from the two different AMDs. The weird thing is that only the application traffic is missing 100% on the DH-1 side and the partially missing traffic for the same application(s) on the DH-2.
One more observation that the configured analyzer is HTTP which is showing 100% missing session in DH-1 AMD but for the Unknown TCP there is no missing session.
The same application in the DH-2 AMD is partially missing the traffic and that is also for the HTTP analyzer.
DH-1 Aggregator
DH-2 Aggregator
Regards,
Babar
It's most likely depending on how you capture the packets to your AMD. How is it done today?
,Very likely it's your feed. How are the packets captured and directed to the the AMD?
