Wireshark mailing list archives
Re: SACK_PERM=1
From: Sake Blok <sake () euronet nl>
Date: Tue, 17 Jul 2012 00:20:53 +0200
On 16 jul 2012, at 22:30, Derrenbacker, L. Jonathan wrote:
I’m doing a packet capture of a web app not authenticating correctly and I see some TCP packets with the “SACK_PERM=1” option set. Can anyone explain what that option does.
See: http://en.wikipedia.org/wiki/Transmission_Control_Protocol#Selective_acknowledgments There are some problems with SACK on certain devices. One example is a Cisco ASA with Initial Sequence Numbering enabled. It does not translate the sequence numbers in the SACK TCP option (at least with some version of the ASA SW, maybe with recent versions it does work). What you would see in that case is an endless loop of retransmissions of the wrong segment(s). In itself the SACK_PERM=1 should not be related to your authentication problems. Cheers, Sake
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- SACK_PERM=1 Derrenbacker, L. Jonathan (Jul 16)
- Re: SACK_PERM=1 Sake Blok (Jul 16)
- Re: SACK_PERM=1 Forthofer Russ (Jul 17)