Hello, need to have some experts look at this trace snippet showing a server sending a zero-window and the client sending probes with a 1 byte 'garbage'. I wonder whether the client sends a 'correct' tcp.seq in its probes. Here's the trace: zero_window_probe.pcapng asked 24 Nov '13, 10:01  mrEEde |
One Answer:
Looks pretty normal to me. Some operating systems use the last byte already acknowledged for Window probes (which would be a real "garbage byte"), others use the next byte to come for the same purpose. This one seems to use the "next in line" byte to probe the window. Nothing unusual here. answered 24 Nov '13, 10:33  Jasper ♦♦ |
Thanks for your comment!