I have a service running on my LAN which works very intermittently. It serves a webpage just fine right after I restart the server running macOS 14.1 (I noticed this happening on multiple versions of 13.0 as well). But after a few hours, I cannot connect to it anymore on any device on my LAN, as I get a connection reset error in any browser I use. I noticed that the SYN between the client and server functions as normal, but as soon as I perform a GET, my gateway responds with an ACK, causing my client to send an RST. My gateway is running AsusWRT. When the page is working, my gateway doesn't respond.
My client is at 192.168.50.228, and the server is at 192.168.50.42.
No. | Time | Source | Destination | Source MAC | Destination MAC | Protocol | Length | Info |
---|---|---|---|---|---|---|---|---|
9154 | 4.932032 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 78 | 54054 → 8080 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=1633977301 TSecr=0 SACK_PERM |
9155 | 4.937303 | 192.168.50.42 | 192.168.50.228 | Router | Client | TCP | 78 | 8080 → 54054 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=64 TSval=1803376346 TSecr=1633977301 SACK_PERM |
9156 | 4.937396 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 66 | 54054 → 8080 [ACK] Seq=1 Ack=1 Win=131712 Len=0 TSval=1633977306 TSecr=1803376346 |
9157 | 4.937488 | 192.168.50.228 | 192.168.50.42 | Client | Server | HTTP | 543 | GET / HTTP/1.1 |
9158 | 4.941333 | 192.168.50.1 | 192.168.50.228 | Router | Client | TCP | 66 | 8080 → 54054 [ACK] Seq=1 Ack=1 Win=2051 Len=0 TSval=1803376351 TSecr=1633977306 |
9159 | 4.941385 | 192.168.50.228 | 192.168.50.1 | Client | Router | TCP | 54 | 54054 → 8080 [RST] Seq=1 Win=0 Len=0 |
9160 | 5.047863 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 517 | [TCP Retransmission] 54054 → 8080 [PSH, ACK] Seq=1 Ack=1 Win=131712 Len=477 TSval=1633977417 TSecr=1803376346 |
9161 | 5.053608 | 192.168.50.42 | 192.168.50.228 | Router | Client | TCP | 54 | 8080 → 54054 [RST] Seq=1 Win=0 Len=0 |
On the server side, I never see the gateway's IP address, only the ACK it sends after the GET, which makes me think the gateway is intercepting the ACK and responding on behalf of the server.
No. | Time | Source | Destination | Source MAC | Destination MAC | Protocol | Length | Info |
---|---|---|---|---|---|---|---|---|
1935 | 9.542822 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 78 | 54054 → 8080 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=1633977301 TSecr=0 SACK_PERM |
1936 | 9.543382 | 192.168.50.42 | 192.168.50.228 | Server | Router | TCP | 78 | 8080 → 54054 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=64 TSval=1803376346 TSecr=1633977301 SACK_PERM |
1937 | 9.543747 | 192.168.50.1 | 192.168.50.42 | Router | Server | ICMP | 106 | Redirect (Redirect for host) |
1938 | 9.548315 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 66 | 54054 → 8080 [ACK] Seq=1 Ack=1 Win=131712 Len=0 TSval=1633977306 TSecr=1803376346 |
1939 | 9.548317 | 192.168.50.228 | 192.168.50.42 | Client | Server | HTTP | 543 | GET / HTTP/1.1 |
1940 | 9.548480 | 192.168.50.42 | 192.168.50.228 | Server | Router | TCP | 66 | 8080 → 54054 [ACK] Seq=1 Ack=478 Win=131264 Len=0 TSval=1803376351 TSecr=1633977306 |
1941 | 9.551754 | 192.168.50.228 | 192.168.50.42 | Router | Server | TCP | 54 | 54054 → 8080 [RST] Seq=478 Win=0 Len=0 |
1942 | 9.658227 | 192.168.50.228 | 192.168.50.42 | Client | Server | TCP | 543 | [TCP Spurious Retransmission] 54054 → 8080 [PSH, ACK] Seq=1 Ack=1 Win=131712 Len=477 TSval=1633977417 TSecr=1803376346 |
1943 | 9.658367 | 192.168.50.42 | 192.168.50.228 | Server | Router | TCP | 54 | 8080 → 54054 [RST] Seq=1 Win=0 Len=0 |
1944 | 9.658987 | 192.168.50.1 | 192.168.50.42 | Router | Server | ICMP | 82 | Redirect (Redirect for host) |