Re: Oddball Routing Issue

Isn't there some overhead on setting up the initial connection which
is reduced if there's already a connection in place between boxes?
Just a guess, though -- I don't know a lot about this area.

Total latency is very low, less than 100 ms ping to the controller.

On Jan 1, 9:29 am, Barry Margolin <bar...@xxxxxxxxxxxx> wrote:
In article <UuadnSWWfcL36efanZ2dnUVZ_vamn...@xxxxxxxxxxx>,

"Thrill5" <nos...@xxxxxxxxxxxxx> wrote:
It could be the RTT (round trip-time) is too great. Many years ago we
attempted to use STUN to connect two card reader systems. When connected
using a TimePlex as a serial connection it worked fine, but when we used
STUN (so we could retire the TimePlex) it did not work over the WAN even
though it worked fine when we had it setup in our lab. Using STUN over the
WAN added too much jitter and increased the RTT to a level that the two
controllers kept getting out of sync and it didn't work. You could be having
a similar problem and I would contact the controllers vendor. You might
need to tweak some parameters on the controller to deal with the increased
RTT time.

How does that explain that the connection on the telnet port always
succeeds, and then the connection on the controller service port works?





"secpgmr" <secp...@xxxxxxxxx> wrote in message
news:a2b96b56-3808-4b44-91a1-194c5cdc9f16@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
The controller is an access control system controller. It's
responsible for receiving card reads from a proximity reader and
sending a door unlock pulse for authorized cards, and for sending
event records back to the server. It's a simple device, and it works
without a hitch on the local network. The problem only arises when a
connection is attempted across the WAN.

This has really got me perplexed. The transport should be fully
transparent to the controller itself, which shouldn't see any
difference whether the box is local or long-distance, so I don't see
how it could be a controller issue. And yet, everything else is just
standard hardware.

I'm suspecting it's some misconfiguration of the hardware along the
way, possibly with some incorrectly implemented ACL rules.
Unfortunately, I don't know enough about advanced router configuration
to be able to formulate a hypothesis.

When I get this resolved, I'll post the cause of the issue.

Mike

On Dec 29, 12:00 pm, "John Agosta" <jago...@xxxxxxxxxxxxxxxx> wrote:
Not sure what you mean by 'controller.' Is it a router / cisco device ?
If so, perhaps there is some form of "dynamic" / "lock and key"
access-list
involved ?

See:http://www.cisco.com/en/US/products/ps6350/products_configuration_gui..
.

Either way, please let us know what the problem & resolution was!

Thanks.

"secpgmr" <secp...@xxxxxxxxx> wrote in message

news:1e5d3ff7-6946-46a8-9879-2cdcec77e159@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I have an oddball connection issue that appears to be related to the
routing equipment between the two end points.

I have a server trying to connect to an access control system
controller across the country over a WAN. When I sniff the
connection
between the server and the controller, I see a sequence of SYN
packets
to the controller service port (> 2000 < 4000) on the controller with
no SYN ACK from
the controller.

However, if I open a telnet session to the controller on the port
where telnet is listening on the controller (> 8000), suddenly the
server gets
a SYN ACK on the controller service port and the controller comes
online.

If I break the connection on the controller service port and try to
re-
establish it, I just get a sequence of SYN packets with no SYN ACK
until I open another telnet session again.

Seems the telnet session is establishing some kind of state that is
needed for the connection to occur that cannot be created on the
controller service port for some reason.

The controller connects perfectly on the local network. The problem
only occurs over the WAN. There are no firewalls between the two end
points.

Any thoughts?

Mike

--
Barry Margolin, bar...@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

.

Relevant Pages

  • quite slam his rough commission
    ... accounts including our brand after we complain through it. ... Just providing in connection with a reputation ... She wants to kick islamic participants until Russell's lab. ... If the frozen landscapes can mind behind, the unlikely controller may ...
    (rec.music.christian)
  • Cypriene can really impress their parliament
    ... loch with screens, ... May did Haji answer the technique in connection with the exclusive ... Otherwise the controller in ... He may diminish the very perception and evolve it depending on its ...
    (sci.crypt)
  • Re: Remote controlling Windows CE 6.0 PC
    ... unreliable gsm modem connection, that method works fastest. ... you could try a wince vnc server. ... wise to launch that program with some remote device specific command as ... *Changing the settings and/or parameters in the controller program ...
    (microsoft.public.windowsce.embedded)
  • Re: Oddball Routing Issue
    ... STUN it did not work over the WAN even ... need to tweak some parameters on the controller to deal with the increased ... connection is attempted across the WAN. ... a SYN ACK on the controller service port and the controller comes ...
    (comp.dcom.sys.cisco)
  • Re: Oddball Routing Issue
    ... STUN it did not work over the WAN even ... need to tweak some parameters on the controller to deal with the increased ... How does that explain that the connection on the telnet port always ... a SYN ACK on the controller service port and the controller comes ...
    (comp.dcom.sys.cisco)
Loading