So I am seeing some interesting behavior of TCP during a MySQL connect over the network. The following packets capture shows the packet flow: asa1# sh capture debug-in 8 packets captured 1: 21:49:13.461554 8.25.42.100.32929 > 74.81.76.195.3306: S 4107544000:4107544000(0) win 65535 <mss 1380,nop,wscale 3,sackOK,timestamp 2065216038 0> 2: 21:49:13.462073 74.81.76.195.3306 > 8.25.42.100.32929: S 2601320299:2601320299(0) ack 4107544001 win 5792 <mss 1460,sackOK,timestamp 2581054349 2065216038,nop,wscale 7> 3: 21:49:13.462210 74.81.76.195.3306 > 8.25.42.100.32929: P 2601320300:2601320363(63) ack 4107544001 win 46 <nop,nop,timestamp 2581054349 2065216038> 4: 21:49:13.519061 8.25.42.100.32929 > 74.81.76.195.3306: . ack 2601320300 win 8208 <nop,nop,timestamp 2065216096 2581054349> 5: 21:49:14.135384 8.25.42.100.32929 > 74.81.76.195.3306: P 4107544001:4107544003(2) ack 2601320300 win 8208 <nop,nop,timestamp 2065216712 2581054349> 6: 21:49:14.135521 74.81.76.195.3306 > 8.25.42.100.32929: . ack 4107544003 win 46 <nop,nop,timestamp 2581055023 2065216712> 7: 21:49:16.461981 74.81.76.195.3306 > 8.25.42.100.32929: P 2601320300:2601320363(63) ack 4107544003 win 46 <nop,nop,timestamp 2581057349 2065216712> 8: 21:49:16.618147 8.25.42.100.32929 > 74.81.76.195.3306: . ack 2601320363 win 8208 <nop,nop,timestamp 2065219195 2581057349> 8 packets shown Packet "1" is Syn from MySQL client to Server Packet "2" is Syn/Ack from Server Packet "3" is a TCP Push! ??? HERE IS WHERE I AM CONFUSED Packet "4" is the Ack from the client completing the 3-way hand shake. My firewall is dropping packet "3" as it is not happy there is a push going on before it sees the completed handshake. Anybody run across this? Is the a MySQL option for a faster connection? Finally the firewall is a Cisco ASA and the "TCP Normalization" feature is dropping the packet. Specifically is the "tcp-3whs-failed" rule that is being offended. I cannot seem to figure out a way to turn this off? Thanks for the help. Cheers, -- Joe Renwick IP Network Consultant, CCIE #16465 GO NETFORWARD! Direct: 619-800-2055, Emergency Support: 800-719-0504 Is your network moving you forward?