Recently, a small (but still significantly too big) number of our users have been having issues connecting to our websites.  This has been a very frustrating problem, as there was no pattern of location, browser, OS, ISP, or any other normal factor related to connection issues.

In the end, it turned out to be a problem with TCP window scaling.  If you don’t know what this is, don’t worry, it is very technical and I’m not going to go into details here ;)   Basically, this setting is turned on by default in all modern Linux/Unix kernels and makes your internet connection faster (when it works).  Unfortunately, there is equipment out there on the internet that does not handle TCP window scaling correctly, and if you are unlucky enough to have it between your computer and the website you are trying to connect to, you will experience intermittent issues accessing the site.

Now, this is all very well documented, and googling it will present a wealth of knowledge about how to turn off TCP window scaling on your computer so you don’t have these problems anymore.  But what about the servers hosting these websites?  We can’t tell all our users to turn off TCP window scaling on their computers.  Shouldn’t there be something we can do on our end to prevent this problem from happening?  As it turns out, there is.  Turn off TCP window scaling and TCP timestamps on all our public-facing equipment.  Below is the code to do that on Linux (RedHat flavors):

sysctl net.ipv4.tcp_window_scaling=0
sysctl net.ipv4.tcp_timestamps=0

Turning off TCP timestamps is the part that is missing from all the online information and what is absolutely essential for fixing this issue on the server side (it’s not necessary on the client side).
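
To confirm the change took effect, check the TCP options in the server's SYN-ACK (taken from a packet capture, for instance). The following Python is an added example, not part of the original post: it parses a raw TCP header and reports whether the window scale (kind 3) or timestamps (kind 8) options are still advertised. The two sample headers, including ports, sequence numbers and window size, are constructed for illustration.

```python
import struct

# TCP option kinds from RFC 9293 and RFC 7323
EOL, NOP, MSS, WSCALE, SACK_PERM, TIMESTAMPS = 0, 1, 2, 3, 4, 8

def parse_tcp_options(hdr: bytes) -> dict:
    """Return {kind: value bytes} for the options in a raw TCP header."""
    if len(hdr) < 20:
        raise ValueError("TCP header shorter than 20 bytes")
    end = (hdr[12] >> 4) * 4          # data offset field counts 32-bit words
    if end < 20 or end > len(hdr):
        raise ValueError("bad data offset")
    opts, found, i = hdr[20:end], {}, 0
    while i < len(opts):
        kind = opts[i]
        if kind == EOL:
            break
        if kind == NOP:               # one-byte padding option
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option at offset %d" % i)
        found[kind] = opts[i + 2:i + opts[i + 1]]
        i += opts[i + 1]
    return found

def advertised(hdr: bytes) -> list:
    """List which of the two options in question a SYN/SYN-ACK still carries."""
    opts, out = parse_tcp_options(hdr), []
    if WSCALE in opts:
        out.append("window scale")
    if TIMESTAMPS in opts:
        out.append("timestamps")
    return out

def make_synack(options: bytes) -> bytes:
    """Build a constructed SYN-ACK header (ports, seq and window are made up)."""
    assert len(options) % 4 == 0
    words = (20 + len(options)) // 4
    return struct.pack("!HHIIBBHHH", 443, 51000, 1000, 2001,
                       words << 4, 0x12, 29200, 0, 0) + options

# Constructed samples: typical default options vs. both sysctls set to 0
BEFORE = make_synack(bytes([MSS, 4]) + struct.pack("!H", 1460) + bytes([SACK_PERM, 2])
                     + bytes([TIMESTAMPS, 10]) + struct.pack("!II", 12345, 678)
                     + bytes([NOP, WSCALE, 3, 7]))
AFTER = make_synack(bytes([MSS, 4]) + struct.pack("!H", 1460)
                    + bytes([NOP, NOP, SACK_PERM, 2]))

if __name__ == "__main__":
    print("before:", advertised(BEFORE))
    print("after: ", advertised(AFTER))
```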
