One of my co-workers had some odd output on some Wireshark logs with "connecting twice". I went and looked, and sure enough it looks like the client redoing the opening TCP handshake sequence, less than a second later.
The client side in this case is 3rd party software. The server side is our own software. Apparently, our code on the other end of our socket calls is only seeing one connection and only getting data from the first (shorter) one.
I find it odd that there are several instances in here for the client sending 2 packets with the same sequence and only getting one ack back. I find it odder that the last packet from the client (#7) before it apparently starts over (on packet #8) is not ACKed, and it appears to be very close to 0.05 seconds between the two.
I’m a bit of a neophyte at reading TCP logs though (I’m really much more used to UDP), so I’m wondering if all this is normal?