Jump to content
Welcome to our new Citrix community!

Http response with first tcp segment of 1 byte with "H"


Recommended Posts

Hi,

 

We're experiencing a weird behavior on NetScaler 10.5 with the following architecture :

[Client] <-- HTTP --> [NetScaler : CS + LB + 2 Services] <-- HTTPS --> [backend1 or backend2]

 

Sometimes we note on the [Client] that the HTTP response from NetScaler is splitted as following :

Tcp segment 1 (PSH, ACK) from NetScaler with only 1 byte : "H"

Tcp segment 2 (PSH, ACK) from NetScaler with the following : "TTP/1.1 200 ... and the rest of the response".

 

We're looking to explain this behavior and want to prevent this first tcp segment of 1 byte which is not managed by our client if the second segment is delayed. 

Note that we haven't this behavior when we change HTTPS by HTTP between NetScaler and our backends.

 

Can we consider that this behavior is normal? And is it possible to prevent it with HTTPS between NetScaler and our backends ?

 

Thanks in advance for help!

Flo.

Link to comment
Share on other sites

Hi Flo,

 

Could the issue be on the client-side where the HTTP Request is originating from (or does this happen regardless of where the HTTP Request originates from)?

 

What build of 10.5 are you running?  Based on your description, I was able to find the following listed in the Known Issues section of the 10.5 build 69.3 Release Notes:

 

Quote

A NetScaler appliance silently truncates and drops HTTP request body packets greater than the maximum HTTP header size configured in the HTTP profile. The request body is truncated only if the appliance receives an HTTP request after an incomplete header assembly (request header spanning more than one packet) and the request body is received when the appliance awaits a TCP acknowledgment for the request header sent to the server. The truncation results in TCP retransmission and latency issues.

[# 695668]

 

It is also listed in the 12.0 build 60.9 Release Notes:

 

Quote

A NetScaler appliance silently truncates and drops HTTP request body packets greater than the maximum HTTP header size configured in the HTTP profile. The request body is truncated only if the appliance receives an HTTP request after an incomplete header assembly (request header spanning more than one packet) and the request body is received when the appliance awaits a TCP acknowledgment for the request header sent to the server. The truncation results in TCP retransmission and latency issues.

[# NSHELP-11096, TSK0695668]

 

No mention of the issue in the 12.1 build 51.16 Release Notes.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...