2021-12-09 13:00:36 +0000 | received badge | ● Famous Question (source) |
2021-12-01 08:45:44 +0000 | asked a question | tcp reset with and without ack flag set tcp reset with and without ack flag set Hi, Is there any difference between a RST packet with and without ACK bit set? |
2021-12-01 08:35:31 +0000 | received badge | ● Famous Question (source) |
2021-06-27 01:43:55 +0000 | received badge | ● Notable Question (source) |
2021-06-25 08:14:27 +0000 | received badge | ● Popular Question (source) |
2021-06-25 08:14:27 +0000 | received badge | ● Notable Question (source) |
2021-06-24 00:28:43 +0000 | received badge | ● Popular Question (source) |
2021-03-09 01:26:43 +0000 | received badge | ● Famous Question (source) |
2021-03-09 01:26:43 +0000 | received badge | ● Notable Question (source) |
2021-03-09 01:26:43 +0000 | received badge | ● Popular Question (source) |
2021-01-06 09:40:31 +0000 | received badge | ● Notable Question (source) |
2020-11-29 20:36:52 +0000 | received badge | ● Popular Question (source) |
2020-05-26 02:50:33 +0000 | commented answer | Is TCP MSS a value both communication peers agreed up? nice article, have added to my reading list. thank you ! |
2020-05-26 02:49:52 +0000 | marked best answer | Is TCP MSS a value both communication peers agreed up? Hi, I now that TCP MSS (max segment size) value is telling the peer "I can receive xxx bytes of data". I am wondering if both side will agree upon a min value or each side can use their own claimed size. For example, if A says I can receive 1460 Bytes while B said I can do 1200 Bytes. Will 1200 be picked up as the max MSS size on this tcp session? or A can only send max to 1200 bytes to B, while B can send max of 1460 Bytes of data to A? Thanks! -Steve |
2020-05-19 11:47:48 +0000 | received badge | ● Popular Question (source) |
2020-05-09 05:59:40 +0000 | commented question | How to read a specified packet in hex and ASCII? hi, if tshark works, that is good to know. |
2020-05-09 02:06:47 +0000 | asked a question | How to read a specified packet in hex and ASCII? How to read a specified packet in hex and ASCII? Hi, I know tcpdump has -X option to print packets in hex and ASCII. -r |
2020-05-06 07:28:57 +0000 | asked a question | Is TCP MSS a value both communication peers agreed up? Is TCP MSS a value both communication peers agreed up? Hi, I now that TCP MSS (max segment size) value is telling the p |
2019-05-29 06:18:56 +0000 | marked best answer | the actual tcp send window is not increased further Hi, I am handling an issue that the smb file transfer over tcp does not fill the 1Gbit pipe between the Windows file server and a macOS 10.14.5 client. They are on different subnet so it can be any intermediate devices that is blocking something. The weird thing I am seeing is that the sender was stuck at sending 8 * SMSS and no more. According to the Ack, the receiver window is still large enough to accept more incoming data, but the actual send window didn't increase to more than 8 * SMSS followed by each of the RTT (Ack). There is no window full reported either. I am wondering what can be the possible reason that the sending speed was stuck at 8 * SMSS? I am no saying 8 is low, but it was just not as good as, i don't know, 14 * SMSS? thanks! |
2019-05-29 06:18:26 +0000 | asked a question | what is the 'MA window' in the tcp throughput graph? what is the 'MA window' in the tcp throughput graph? Hi, what does the 'MA window' mean in tcp throughput graph? Its v |
2019-05-17 08:44:37 +0000 | edited answer | Troubleshooting slow SMB transfer So it is the client was writing to the server. Several things: The client seems to have the TSO feature enabled on the |
2019-05-17 08:44:37 +0000 | received badge | ● Editor (source) |
2019-05-17 08:43:20 +0000 | received badge | ● Rapid Responder (source) |
2019-05-17 08:43:20 +0000 | answered a question | Troubleshooting slow SMB transfer So it is the client was writing to the server. Several things: The client seems have the TSO feature enabled on the NI |
2019-05-17 08:18:13 +0000 | marked best answer | smb or smb2 packets are all parsed to tcp Hi, all of sudden, not sure what i did, all the smb or smb2 (tcp port 445) are now all displayed as tcp packets. I tried to Decode tcp 445 but there is no option of smb or smb2. how do I recover this situation? A reinstallation of Wireshark doesn't get it fixed. I guess remove the Wireshark.app (on macOS 10.14.5) can help me, but I don't want to lose the current config. thank you! |
2019-05-17 05:15:41 +0000 | received badge | ● Supporter (source) |
2019-05-17 02:44:09 +0000 | commented answer | smb or smb2 packets are all parsed to tcp aha, the 'Default' profile does show me the SMB traffic, so it is a problem of my current profile, any idea which config |
2019-05-16 10:17:49 +0000 | commented question | the actual tcp send window is not increased further sorry that I cannot share the pcap here since it's from the customer. |
2019-05-16 10:17:22 +0000 | asked a question | the actual tcp send window is not increased further the actual tcp send window is not increased furhter Hi, I am handling an issue that the smb file transfer over tcp does |
2019-05-16 10:08:32 +0000 | commented answer | smb or smb2 packets are all parsed to tcp disable and reenable smb and smb2 does't not help. |
2019-05-16 10:05:23 +0000 | received badge | ● Rapid Responder |
2019-05-16 10:05:23 +0000 | answered a question | smb or smb2 packets are all parsed to tcp please see the screenshot here. |
2019-05-16 09:39:40 +0000 | received badge | ● Rapid Responder |
2019-05-16 09:39:40 +0000 | answered a question | smb or smb2 packets are all parsed to tcp See the screenshot here. |
2019-05-16 09:39:26 +0000 | commented answer | smb or smb2 packets are all parsed to tcp Hi, I just checked that and they are all enabled. Wireshark Version 3.0.1 (v3.0.1-0-gea351cd8) |
2019-05-16 09:28:18 +0000 | asked a question | smb or smb2 packets are all parsed to tcp smb or smb2 packets are all parsed to tcp Hi, all of sudden, not sure what i did, all the smb or smb2 (tcp port 445) ar |
2019-01-10 09:57:34 +0000 | marked best answer | what is the baseline of the 802.11 wireless network retransmission rate? I recently see more than 10% of retransmission from sniffer trace via wireshark. It sounds really a big problem to me since on Ethernet, I vagely recall that the baseline of retransmission rate is about 0.5%? I am not sure what is the baseline for a 802.11 WLAN. Any ideas? |
2019-01-10 09:56:21 +0000 | marked best answer | displayed packets unmatched when trying to export Hi, I notiched that the # of displayed packets is not the same as it should be when you try to export them, please see that screenshot below: Is it a known isssue? I was using "smb || smb2" as the display filter. i further confirmed that the smaller number contains only smb/smb2 packets, while you try to export, the larger number also contains the pure tcp packets (for smb file streaming) for the corresponding smb session. Is it expected? |
2019-01-10 09:56:21 +0000 | received badge | ● Scholar (source) |
2019-01-09 08:34:41 +0000 | asked a question | displayed packets unmatched when trying to export displayed packets unmatched when trying to export Hi, I notiched that the # of displayed packets is not the same as it |
2019-01-08 03:14:28 +0000 | asked a question | does Wireshark support Chinese characters in SMB2 protocol does Wireshark support Chinese characters in SMB2 protocol Hi, While reviewing a SMB2 trace, the directory named with C |
2019-01-03 06:53:52 +0000 | asked a question | what is the baseline of the 802.11 wireless network retransmission rate? what is the baseline of the 802.11 wireless network retransmission rate? I recently see more than 10% of retransmission |