This is a static archive of our old Q&A Site. Please post any new questions and answers at

TCP packet length and congestion


If we capture packets using tcpdump or Wireshark with a length less than the MTU (length < 1500) -(For example, 74, 108, 788... etc) - is it fair to say that it means there is tcp congestion?

asked 17 May '17, 04:45

armodes's gravatar image

accept rate: 0%

One Answer:


No. That may only be something to think about if you know that there is a big data transfer with such a volume that all packets can be filled completely up to MSS. If an application has only a few bytes to send it will do that, and it's not because of congestion.

Take SSH/Telnet for example: pressing a key will send a small packet containing that key (and a few other things), but it's simply a small packet, and not congestion.

answered 17 May '17, 04:50

Jasper's gravatar image

Jasper ♦♦
accept rate: 18%

OK thank you Jasper. I am using iperf to send a traffic and i was wondering about it.

(17 May '17, 05:14) armodes