Debugging ETIMEDOUT errors

Question

I'm trying to debug frequent ETIMEDOUT errors to api.facebook.com (31.13.95.8) when doing HTTP GET requests from our Linux Servers. To figure out whether it is an issue on our server or on Facebook side, I ran this command:

$ mtr -r -c 10 --report-wide 31.13.95.8 -P 443
Start: Fri Mar 24 15:18:54 2017
HOST: lothlorien                         Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 108.170.241.35                      0.0%    10   12.3  12.4  12.3  12.8   0.0
  2.|-- 32934.hkg.equinix.com               0.0%    10   13.6  13.7  13.6  14.0   0.0
  3.|-- po102.psw02.hkg3.tfbnw.net          0.0%    10   13.1  13.1  13.0  13.3   0.0
  4.|-- 173.252.67.87                       0.0%    10   13.2  13.2  13.1  13.4   0.0
  5.|-- edge-star-shv-01-hkg3.facebook.com  0.0%    10   13.2  13.2  13.1  13.4   0.0

However when I run this command (note extra -T which sends TCP SYN instead of ICMP ECHO packets), we see significant packet loss:

$ mtr -r -c 10 -T --report-wide 31.13.95.8 -P 443
Start: Fri Mar 24 15:20:51 2017
HOST: lothlorien                         Loss%   Snt   Last   Avg  Best  Wrst StDev
  1.|-- 108.170.241.67                      0.0%    10   12.5  15.3  12.5  37.5   7.8
  2.|-- 32934.hkg.equinix.com               0.0%    10   14.5  14.4  13.8  15.7   0.3
  3.|-- po102.psw03.hkg3.tfbnw.net          0.0%    10   13.8  13.9  13.4  14.6   0.0
  4.|-- 173.252.67.5                        0.0%    10   14.0  14.2  13.7  14.7   0.0
  5.|-- edge-star-shv-01-hkg3.facebook.com 90.0%    10  250.7 250.7 250.7 250.7   0.0

Any reason why the second command shows a significant packet loss, while the first one doesn't?

Answer 1

Are you using connection pooling to the API? It is probable that SYN packets are throttled to prevent SYNflood-style attacks.