Firewall throttling occurs when a firewall or other intermediate device prioritizes some connections over others, or denies some connections altogether. This might be due to traffic policies explicitly defined on the device or to one or more misconfigurations.  

Application Symptoms

A DevOps engineer is responsible for monitoring the performance of a mission-critical app. One day she scans the Application Dashboard and notices that:

  • Ecom-Tier1 and Ecom-Tier2 are showing a lot of errors.
  • Traffic Loads and Errors are going up while response times are going down (bottom charts).

Network Diagnosis

  1. She switches over to the Network Dashboard and sees immediately that a lot of network errors are occurring on the links between the Ecom-Tiers and the load balancer in the center.

     
  2. She right-clicks on Ecom-Tier1, chooses View Metrics, and sees that:
    1. The Network Impact on Transactions chart shows that transaction Errors and Network Errors have started going up at the same time.
       
    2. The Network Errors - Contributors chart shows that two types of Network Errors are increasing: 
      1. Syn Resets — This reset occurs when the firewall explicitly rejects a connection request before the connection can be established.
      2. RST on Established — This reset occurs when the firewall shuts down an established connection because of a traffic-throttling or other policy on the device.
    3. The Connection Rate Info chart shows that the rates of Connection Errors and Resets are exactly the same — in other words, every connection error is a connection reset. This shows that the firewall in the load balancer is actually rejecting connections.
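
The two reset types from step 2 and the comparison from step 3 can be reproduced from a packet trace. The following is an added example, not the monitoring product's own logic: the packet tuples, state names, function names and addresses are assumptions constructed for illustration.

```python
from collections import Counter

# Constructed sample trace: (source, destination, TCP flags) in capture order.
# Addresses come from documentation ranges; none of this is from the page.
PACKETS = [
    ("192.0.2.5:40001", "198.51.100.9:443", "SYN"),
    ("198.51.100.9:443", "192.0.2.5:40001", "RST"),      # rejected before handshake
    ("192.0.2.5:40002", "198.51.100.9:443", "SYN"),
    ("198.51.100.9:443", "192.0.2.5:40002", "SYN-ACK"),
    ("192.0.2.5:40002", "198.51.100.9:443", "ACK"),
    ("198.51.100.9:443", "192.0.2.5:40002", "RST"),      # torn down after handshake
    ("192.0.2.5:40003", "198.51.100.9:443", "SYN"),
    ("198.51.100.9:443", "192.0.2.5:40003", "SYN-ACK"),
    ("192.0.2.5:40003", "198.51.100.9:443", "ACK"),
    ("192.0.2.5:40003", "198.51.100.9:443", "FIN"),      # normal close, no error
]

def classify_resets(packets):
    """Count resets by handshake state, mirroring the two chart contributors."""
    state = {}          # flow -> SYN_SENT | SYN_RCVD | ESTABLISHED | CLOSED
    counts = Counter()
    for src, dst, flags in packets:
        flow = frozenset((src, dst))    # same key for both directions
        cur = state.get(flow)
        if flags == "SYN":
            state[flow] = "SYN_SENT"
        elif flags == "SYN-ACK" and cur == "SYN_SENT":
            state[flow] = "SYN_RCVD"
        elif flags == "ACK" and cur == "SYN_RCVD":
            state[flow] = "ESTABLISHED"
        elif flags == "RST" and cur in ("SYN_SENT", "SYN_RCVD"):
            counts["syn_reset"] += 1            # reset before establishment
            state[flow] = "CLOSED"
        elif flags == "RST" and cur == "ESTABLISHED":
            counts["rst_on_established"] += 1   # reset of a live connection
            state[flow] = "CLOSED"
        elif flags == "FIN":
            state[flow] = "CLOSED"
    return counts

def all_errors_are_resets(connection_errors, counts):
    """True when every connection error is a reset, the pattern in step 3."""
    return connection_errors > 0 and connection_errors == sum(counts.values())

if __name__ == "__main__":
    c = classify_resets(PACKETS)
    print(dict(c), all_errors_are_resets(2, c))
```

If the connection error count exceeds the reset count, some failures are timeouts or other errors rather than active rejections, which points away from a device explicitly resetting connections.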