Random HTTP connection problems

5

3

I'm having a strange internet access problem that I don't know how to debug. A specific set of sites will fail to load with "Connection Reset" status about 90% of the time. Accessing them by their IP yields the same results. Pinging the IP works (no packet loss). I'm running Windows Server 2012 with latest updates installed.

Fiddler (HTTP MITM debugger) is telling me that the HTTP response is "HTTP 504". Wireshark is showing me receiving "Connection Reset" packets on the TCP level.

I've tried the following changes:

Problem persists when:

  • Accessing by IP
  • Using wget
  • Using a different network adapter (USB-tethered phone with 3G)
  • Using a different browser
  • Using a browser inside a VirtualBox VM
  • Disabling the firewall
  • Booting into Safe Mode w. networking.
  • Changing DNS server.
  • Logging in as a different non-admin user.

Problem disappears when:

  • Using a different machine
  • Using TOR
  • Using a different OS
  • Reissuing the HTTP request more than five times in Fiddler (i.e. the first 5 reissues fail, then ones after that work).
  • Capturing the HTTP request using Fiddler and reissuing it on another machine.

My last resort will be to reinstall the OS. Is there anything else I can try to debug this problem?

DarthShader

Posted 2015-01-24T15:49:29.297

Reputation: 546

Troubleshooting steps are often OS-specific. It helps if you tell us your OS. – Spiff – 2015-01-24T17:13:18.153

It's windows server 2012. – DarthShader – 2015-01-24T17:38:12.457

Answers

3

The connections that were failing were TCP connections to CloudFlare-enabled websites. Windows Server 2012 enables Explicit Congestion Notification by default - the ECN and CWR (Congestion Window Reduced) flags are set true in TCP packets.

I solved the problem by running 

netsh interface tcp set global ecncapability=disabled

DarthShader

Posted 2015-01-24T15:49:29.297

Reputation: 546

A big thank you to you. Wsa having issues with Windows Server 2012. Never heard of ECN until now, good to know. – Mark Stahler – 2015-02-07T23:21:22.830

2

This is a bit of a longshot, but I've seen this procedure fix some weird issues, that I had been unable to resolve otherwise. So it's definitely worth a try before you resort to a complete reinstallation.

Reset the TCP/IP stack on your Windows machine by running

netsh int ip reset c:\resetlog.txt (the final parameter for the log path is optional)

There's also an automated tool for it if you follow the link below.

Documentation: http://support2.microsoft.com/kb/299357/en

Kristian

Posted 2015-01-24T15:49:29.297

Reputation: 2 982

Didn't help, unfortunately. – DarthShader – 2015-01-25T00:49:11.800

Asked: 2015-01-24T15:49:29.297

Viewed: 897 times

Active: 2015-01-25T18:48:49.977