Troubleshooting the Failure in Opening Web Pages on Netbooks Under the E1000E

Publication Date:  2014-01-06 Views:  320 Downloads:  0
Issue Description

In Baoding in the Hebei province of China, netbooks could access the Baidu web page, but not Sohu and Sina web pages. The fault involved the serving GPRS support node (SGSN) in Baoding, gateway GPRS support node (GGSN) in Shenzhen, and Eudemon firewall in Shenzhen. Huawei core network technical support department organized GGSN R&D personnel and technical support engineers (TSEs) in Shenzhen and Baoding to locate the fault. Through fault location, the personnel concluded that the fault was caused by fragmentation of packets that were transmitted between the Shenzhen's GGSN and Baoding's SGSN and encapsulated by GPRS tunneling protocol (GTP). As a result, services were affected. To rectify the fault, the personnel adjusted the maximum segment size (MSS) of TCP packets so that the packets were no longer fragmented.
Alarm Information
Handling Process
1. Huawei R&D personnel and TSEs cooperated to locate the fault. They captured packets on the live network and find that packets were retransmitted when web pages with a large volume of data (such as Sohu and Sina) failed to be opened, indicating that packet loss occurred. However, web pages with a small volume of data (such Baidu) could be opened. When a netbook attempted to access a web page with a large volume of data, transmitted data packets were of 1500 bytes. After the data packets were encapsulated by GTP, they were fragmented and transmitted between Shenzhen's GGSN and Baoding's SGSN. During the transmission, the fragmented packets were discarded, resulting in a network access failure.
When terminals in Baoding or Shenzhen attempt to access web pages with a large volume of data (such as Sohu and Sina), several 1500-byte packets need to be transmitted. The captured packets for a terminal in Shenzhen are as follows.

Based on the preceding figure, the first interaction in Shenzhen starts from packet 89 to packet 99, no packet is retransmitted, and the packet size is 1500 bytes. Packets from terminals in Shenzhen are neither encapsulated by GTP nor fragmented; therefore, packet loss does not occur.
Where are packets discarded for terminals in Baoding? The GI-side firewall in Shenzhen can properly forward packets, and the GN-side firewall in Shenzhen is enabled with transparent transmission of fragmented packets. Even if packets are fragmented and mis-sequencing of the fragmented packets occurs, the GN-side firewall can still properly forward the packets.
Therefore, loss of fragmented packets occurs on a device between Shenzhen's GGSN and Baoding's SGSN. Once mis-sequencing of fragmented packets occurs and the fragmentation delay is long, fragmented packets may be lost. To rectify the fault, set the MSS of TCP packets to 1400 on the GI-side firewall in Shenzhen to ensure that packets are no longer fragmented after being encapsulated by GTP. In addition, at the service software side, the MSS of TCP packets are generally adjusted on the firewall.

Packets are forwarded to the GGSN through the firewall. The fragmentation flag is 0, indicating that the packets are not fragmented.
Based on the networking, the packets are transmitted to terminals in Shenzhen, while the packets are encapsulated by GTP, fragmented, and then transmitted to terminals in Baoding.

Based on the preceding figure, packet 448 is the initial packet for network access. Packets 452 to 455 are all of 1500 bytes (1514 indicates that the Layer 2 packet header is added to the packets). These packets are generated for obtaining a web page with a large volume of data. Packets 460 to 462 are all retransmitted TCP packets, indicating that discarded packets are being retransmitted.

Root Cause
Modifying the maximum transmission unit (MTU) on the interface triggers the modification on the MSS of TCP packets. When a network device does not allow for fragmentation of TCP packets, services fail to be connected due to large packets. In this case, set the MTU to a smaller value on the interface to decrease the MSS of TCP packets to limit the size of TCP packets.