Wireshark mailing list archives
Re: Multiple syn's , syn/ack and ack received for single connection?
From: T B <phreakocious () gmail com>
Date: Tue, 4 Aug 2015 15:02:23 -0400
Can't speak to your anecdotal experiences, but it definitely can and does happen in parallel depending on the browser/client. There is also nothing non-"classical" about this behavior. Each connection operates in exactly the classical way, there are just more of them. :) On Tue, Aug 4, 2015 at 2:28 PM, asad <a.alii85 () gmail com> wrote:
Thanks, for the fast response. I have tested the same by visiting home-pages of other websites as well and none had such behavior parallel requests by browser. It mostly works as classical. syn syn-ack ack Now, consecutive syn's. Yes you were right, down the packet-capture I see all the syn,syn-ack and ack packets. Thanks for mentioning. regards asad On Tue, Aug 4, 2015 at 11:05 PM, T B <phreakocious () gmail com> wrote:A web browser can make multiple connections to the same server to fetch different resources in parallel. The other syn/ack responses are probably in the capture as well, but further down. The sockets should be processed in the order they're received, but there are lots of reasons why it might not all happen immediately. None of this seems strange so far. Hope this helps. On Tue, Aug 4, 2015 at 11:13 AM, asad <a.alii85 () gmail com> wrote:I have a scenario, I'm analyzing ssl (decrpyt) traffic to my webserver. I'm investigating server and end-to-end delay issues. In between this I'm stuck at following traffic pattern for which I need some advice/suggestion. The patter shows:- client server src port 1 -> 80 (syn) src port 2 -> 80 (syn) src port 3 -> 80 (syn) src port 4 -> 80 (syn) ..... server client src port 80 -> 1 (syn/ack) src port 80 -> 2 (syn/ack) client server src port 1 -> 80 (ack) src port 2 -> 80 (ack) After, complete of handshake I see <code>"http get request"</code> from client. My issues is:- 1. why are multiple syns send from client to server from different source port 2. why server choose to reply on NOT all ports mainly the syn/ack is received by first 3 ports. 3. Multiple acks to different ports? a sample SYN request just for analysis looks like "694 47.583499000 192.168.1.56 192.168.1.22 TCP 66 0.000173000 50844→80 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=4 SACK_PERM=1" Please help me understand this behavior. ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark orgArchives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? T B (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? T B (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? Saulpaugh, Chris (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? T B (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? T B (Aug 04)
- Re: Multiple syn's , syn/ack and ack received for single connection? asad (Aug 04)