none
Problem with hard reset on 3 way handshake for TCP/139 resulting in "The specified network name is no longer available."

    Question

  • We have a two-way trust with another domain. Our network has a fiber cable to the other network where their other company's server resides.  We have a Catalyst 6500 with a FWSM, and the remote end has a Catalyst 4500 with an ACL. There is no content or web filter between the sites. There are MPLS circuits between our remote sites and host site with no firewalling between these locations.  The remote company can place files on our servers at our host site with no problem. Our host site can also place files on their server no problem. Our issue is that our remote sites frequently cannot place files on the sister company's file server (not always, but most of the time).

    The user gets an error "Cannot copy <filename>: The specified network name is no longer available." We've tried UNC paths with names, UNC paths with IPs, and mapped drives. Wireshark shows a successful 3 way handshake for TCP/445; however, for TCP/139, there is a SYN, followed by a SYN ACK, followed by a RST.  Even with the errors and enough tries, the files will eventually show up at the remote location, and the funny thing is, sometimes all files transfer without an error. Sometimes 2 or 3 files will transfer before the error pops up.

    Does anyone have a thought as to what we can try? Thanks for any and all guidance.

    Thursday, October 03, 2013 10:34 PM

All replies

  • Hi

    For diagnostic I would do that;

    - First of all, does your remote server got NIC in a load balance mode ? If yes put that in failover. In load balance I often see packet drop and problem in the communication.

    else try that

    - QoS for TCP 139&445 in the MPLS circuit.

    - Remove the QoS from the NIC as it imply the OS does not use the full bandwidth available.

    - Be sure you does not have jumbo frame set-up on thoses NIC. (and validate the MTU)

    - Update the NIC firmware & driver.

    Let us know the result

    Regards 


    MCP | MCTS - Exchange 2007, Configuring | Member of the TechNet Wiki Community Council | Member of the TechNet Wiki International Council | French Moderator on TechNet Wiki (Translation Widget)| Citrix Certified Administrator : XenApp | Citrix Certified Administrator : XenDesktop

    Friday, October 04, 2013 1:24 AM
    Moderator
  • Thanks for your response. The NIC is not teamed or load balanced, and there is no QoS on the NIC. Server is not load balanced either.  These are AT&T routers, so we'll have to get with them for configuring QoS. Jumbo frames are disabled. We've done a "ping -l 1472 -f <IP>" which we get a reply from the destination, but a packet size of 1473 result in a message stating the packet needs to be fragmented but the DF is set. We'll have to wait until this evening to update the driver.
    Friday, October 04, 2013 3:59 PM