Re: Initial RTT

[Pascal Quantin <pascal.quantin () gmail com>]

2014-07-02 20:59 GMT+02:00 Jasper Bongertz <jasper () packet-foo com>:

> Hello,
>
>   as promised during Sharkfest, I checked the latest developer builds
>   for the accuracy of the calculation of initial RTT for TCP
>   connections. So far I have only seen correct results, even in cases
>   with heavy packet loss during the three way handshake. So I think
>   the code is good.
>
>   I also checked traces where the TCP expert was incorrectly assuming
>   a retransmission when it was in fact an out-of-order packet. Those
>   are now correctly identified, at least when we have the handshake
>   and thus initial RTT. Thumbs up for that.
>
>   Regarding the way to handle missing handshakes - I would go with the
>   old 3ms arbitrary value in that case, because most Wireshark
>   captures are taken in local network environments. Higher values are
>   problematic because retransmissions are not flagged anymore and
>   called out-of-order instead, which could lead to a lot of confusion
>   out there. I prefer false positives for retransmissions over
>   out-of-orders.
>
>   Again, thanks for the effort!
>
> Cheers,
> Jasper

Hi,

if it is working great (Evan changed the timer back to its old 3ms
arbitrary value in case we do not have the handshake) would it make sense
to backport this change from the development branch to the 1.12 one (before
Wireshark 1.12 gets released)?

Regards,
Pascal.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe