Ask Your Question

Revision history [back]

Server ACK before Client ACK

During the analysing of a problem I had a situation where the Server sent an ACK before the Client even initiated the connection. Is this an error in Wireshark (Version 2.0.2 (v2.0.2-0-ga16e22e from master-2.0)) or is this due to some network configuration? Situation:

  1. Timestamp 1: Server:389 -> Client->56469: [ACK] Seq=1Ack=1 Win=8207 Len=1[Malformed packet]
  2. Timestamp 2: Client->56469 -> Server:389: [ACK] Seq=1Ack=2 Win=65335 Len=0 SLE=1 SRE=2
  3. Timestamp 3: Client->56469 -> Server:389: [FIN, ACK] Seq=1Ack=2 Win=65335 Len=0
  4. Timestamp 4: Server:389 -> Client->56469: [ACK] Seq=2Ack=2 Win=8207 Len=0
  5. Timestamp 5: Server:389 -> Client->56469: [RST, ACK] Seq=2Ack=2 Win=0 Len=0

This happend when I started a LDAP connection from the client.