i captured many tcp packets,why the server mark the tcp.flags.ack=1,but not received any packets from client? asked 25 Oct '12, 18:10  chinasan |
One Answer:
Not sure if I get the question right, but I guess you wonder why the ACK flag would be set even though the client sent no data in its packets? If so: basically, all packets after the first SYN have the ACK flag set, no matter if the other system sent payload data or not. For example in an FTP data transfer usually one system only sends data and never receives anything, but it will still set the ACK flag for each data packet it sends out. If you meant that see ACK packets and you do not see any client packets you usually have a problem with the capture setup, maybe asynchronous routing or a SPAN port that mirrors only one direction. answered 26 Oct '12, 00:30  Jasper ♦♦ |
//Yes,you get my point.Thank you for your good answer!
Glad to be able to help. If you like, you can accept my answer with the checkmark button on the left next to it ;-) That would indicate that the question was answered successfully to others looking at it.