tcptrace graphic analysis

asked 2025-08-28 14:44:45 +0000

rmdck
1 ●1 ●1

updated 2025-08-28 14:46:48 +0000

Hello,

I am working on the http-download-bad.pcapng from wireshark (uploaded here in order to udnerstand tcptrace graphic. The graph is made from 61.8.0.17:80 -> 10.0.52.164.2250

From packet 133, we have packet loss and from pkt 135 in the graph there is a vertical red line under the "I". This line grows up until packet 163 and then, a brown line appears in the graph and the red line is reduced. From my understanding brown lines are sack block form the tcp receiver whereas red lines are duplicate ack from the sender. But the graph does not reflect it. I probably misunderstood something. Can you clarify me the graph? Thanks

edit retag flag offensive close merge delete

Comments

Wireshark version, there have been changes in this area over the years?

grahamb ( 2025-08-28 14:50:36 +0000 )edit

version: 3.6.2 (Git v3.6.2 packaged as 3.6.2-2) Linux.

rmdck ( 2025-08-28 14:58:47 +0000 )edit

add a comment

tcptrace graphic analysis

Comments

Be the first one to answer this question!

Question Tools

Stats

tcptrace graphic analysis edit

Comments

Be the first one to answer this question!

Question Tools

Stats

tcptrace graphic analysis