This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have two network devices involved in this wireshark capture

  • the embedded device, 10.222.156.120
  • the server, 10.222.156.1, which is a Java application on an Ubuntu 12.04 64 bit machine

The capture is done on the server.

The embedded device connects to the server and starts sending data. The server never sends anything.

Everything goes well until packet #108 is sent. The server now starts sending DUP ACKs and does not even stop when a fast retransmission og packet #109 is sent by the embedded device.

As far as I can see, no packet was lost. I believe this because the capture was done on the server (using tcpdump).

What can be the cause of the DUP ACKs?

asked 24 Feb '14, 07:55

colorcoded's gravatar image

colorcoded
16114
accept rate: 0%


The tcp.checksum of tcp.seq==76234 is invalid in packets 109 and 122 so the receiving TCP validly discards those. Only the timer based retransmission in packet number 135 if correct which is when linux acknowledges the segment.

permanent link

answered 24 Feb '14, 09:23

mrEEde's gravatar image

mrEEde
3.9k152270
accept rate: 20%

edited 24 Feb '14, 11:39

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237

Thank you! You just helped me find a hard bug in my embedded system.

(24 Feb '14, 23:54) colorcoded
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×1,620
×104
×42

question asked: 24 Feb '14, 07:55

question was seen: 2,096 times

last updated: 24 Feb '14, 23:54

p​o​w​e​r​e​d by O​S​Q​A