My question is why a TCP flow make a re-transmission when a network has enough link bandwidth.
For finding a cause, I used a wireshark. I got the below captured at a host side (10.0.0.1)
85968 47.896188899 10.0.0.2 10.0.0.1 TCP 66 50012 → 47178 [ACK] Seq=1 Ack=18321446 Win=16744448 Len=0 TSval=2453843 TSecr=2453843
86020 47.913068662 10.0.0.1 10.0.0.2 TCP 64578 47178 → 50012 [PSH, ACK] Seq=18321446 Ack=1 Win=29696 Len=64512 TSval=2453847 TSecr=2453843
86076 47.922372390 10.0.0.1 10.0.0.2 TCP 866 [TCP Retransmission] 47178 → 50012 [PSH, ACK] Seq=18385158 Ack=1 Win=29696 Len=800 TSval=2453850 TSecr=2453843
86088 47.922754778 10.0.0.2 10.0.0.1 TCP 66 50012 → 47178 [ACK] Seq=1 Ack=18385958 Win=16744448 Len=0 TSval=2453849 TSecr=2453847
86134 47.926332300 10.0.0.2 10.0.0.1 TCP 78 [TCP Window Update] 50012 → 47178 [ACK] Seq=1 Ack=18385958 Win=16776192 Len=0 TSval=2453850 TSecr=2453850 SLE=18385158 SRE=18385958
As the above, the packet with seq # 18385158 was re-transmitted although the host seemed not to send packer with the seq #.
Therefore I decided the packet loss occurred between layer 3 and layer 4 in the host.
I think there is a wrong part in the transmission process of the kernel.
But it is hard to analyze the more detailed.
Could you give me a little hint?
Thank you so much for reading.
Best Answer
Having enough bandwidth means that the re-transmission is not due to link saturation. Re-transmission occurs when the Acknowledgment is never sent by receiver or is lost between receiver and sender. There are many other reasons for this besides bandwidth. Few of them are:
Link Quality, it could be a bad Network cable, loose termination for LAN cable and noise in case of WiFi for layer 1 issues.
Bad Network card, or if there is a switch or repeater in between, the hardware might be failing for layer 2 issues.
It could be the system itself, if CPU utilization is high, the receiving end might not be able to process all the packets that it is receiving. The application itself might be causing CPU hog.
And as you suggested, it could be an issue with Kernel, but usually that is identified sooner or latter unless you are running a beta or alpha version of operating system (or drivers of Network Card), and no one else has noticed it yet, besides yourself.