This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

DUP ACKs even though no packet was lost

0

I have two network devices involved in this wireshark capture

  • the embedded device, 10.222.156.120
  • the server, 10.222.156.1, which is a Java application on an Ubuntu 12.04 64 bit machine

The capture is done on the server.

The embedded device connects to the server and starts sending data. The server never sends anything.

Everything goes well until packet #108 is sent. The server now starts sending DUP ACKs and does not even stop when a fast retransmission og packet #109 is sent by the embedded device.

As far as I can see, no packet was lost. I believe this because the capture was done on the server (using tcpdump).

What can be the cause of the DUP ACKs?

asked 24 Feb '14, 07:55

colorcoded's gravatar image

colorcoded
16114
accept rate: 0%

One Answer:

5

The tcp.checksum of tcp.seq==76234 is invalid in packets 109 and 122 so the receiving TCP validly discards those. Only the timer based retransmission in packet number 135 if correct which is when linux acknowledges the segment.

answered 24 Feb '14, 09:23

mrEEde's gravatar image

mrEEde
3.9k152270
accept rate: 20%

edited 24 Feb '14, 11:39

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237

Thank you! You just helped me find a hard bug in my embedded system.

(24 Feb '14, 23:54) colorcoded