Hi there, I'm trying to use Ethereal to reconstruct a TCP communication. What I'm retrieving is the traffic of a simple web session initiated from Mozilla on Linux to a website. I'm especially interested in the send window size and the receive window size at that certain time point for each packet. The segment of output is as follows. I have no clue about what "window size" means in the output. The "next sequence number" also seems bizarre to me. Does anybody have an idea? Thanks a lot.
Frame 4 (567 bytes on wire, 567 bytes captured)
    Arrival Time: Oct 26, 2003 19:46:20.971335000
    Time delta from previous packet: 0.000097000 seconds
    Time relative to first packet: 0.040945000 seconds
    Frame Number: 4
    Packet Length: 567 bytes
    Capture Length: 567 bytes
......
    Source: 128.105.111.141 (128.105.111.141)
    Destination: 216.239.39.99 (216.239.39.99)
Transmission Control Protocol, Src Port: 35126 (35126), Dst Port: www (80), Seq: 3799174939, Ack: 689772740, Len: 513
    Source port: 35126 (35126)
    Destination port: www (80)
    Sequence number: 3799174939
    Next sequence number: 3799175452
    Acknowledgement number: 689772740
    Header length: 20 bytes
    Flags: 0x0018 (PSH, ACK)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...1 .... = Acknowledgment: Set
        .... 1... = Push: Set
        .... .0.. = Reset: Not set
        .... ..0. = Syn: Not set
        .... ...0 = Fin: Not set
    Window size: 5840
    Checksum: 0x40b5 (correct)

Frame 5 (60 bytes on wire, 60 bytes captured)
    Arrival Time: Oct 26, 2003 19:46:21.012698000
    Time delta from previous packet: 0.041363000 seconds
    Time relative to first packet: 0.082308000 seconds
    Frame Number: 5
    Packet Length: 60 bytes
    Capture Length: 60 bytes
......
    Source: 216.239.39.99 (216.239.39.99)
    Destination: 128.105.111.141 (128.105.111.141)
Transmission Control Protocol, Src Port: www (80), Dst Port: 35126 (35126), Seq: 689772740, Ack: 3799175452, Len: 0
    Source port: www (80)
    Destination port: 35126 (35126)
    Sequence number: 689772740
    Acknowledgement number: 3799175452
    Header length: 20 bytes
    Flags: 0x0010 (ACK)
        0... .... = Congestion Window Reduced (CWR): Not set
        .0.. .... = ECN-Echo: Not set
        ..0. .... = Urgent: Not set
        ...1 .... = Acknowledgment: Set
        .... 0... = Push: Not set
        .... .0.. = Reset: Not set
        .... ..0. = Syn: Not set
        .... ...0 = Fin: Not set
    Window size: 30660
    Checksum: 0xc8cf (correct)
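
Added example, not part of the original post: a Python sketch that rebuilds the two TCP headers from the field values in the dump and shows how "Next sequence number" and "Window size" relate to the raw header fields. The function names are hypothetical, and the window values are assumed to be unscaled, because the SYN segments that would carry a window-scale option are not in the excerpt.

```python
import struct
from collections import namedtuple

Tcp = namedtuple("Tcp", "sport dport seq ack hdr_len flags window checksum")
SYN, FIN = 0x02, 0x01
MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around

def parse_tcp(header: bytes) -> Tcp:
    """Decode the fixed 20-byte part of a TCP header."""
    sport, dport, seq, ack, off_flags, window, checksum, _urgent = \
        struct.unpack("!HHIIHHHH", header[:20])
    return Tcp(sport, dport, seq, ack, (off_flags >> 12) * 4,
               off_flags & 0xFF, window, checksum)

def next_seq(seg: Tcp, payload_len: int) -> int:
    """Sequence number of the first byte after this segment.
    SYN and FIN each consume one sequence number as well."""
    ctl = bool(seg.flags & SYN) + bool(seg.flags & FIN)
    return (seg.seq + payload_len + ctl) % MOD

def window_right_edge(seg: Tcp) -> int:
    """The sender of `seg` advertises that it will accept the bytes
    numbered ack .. ack+window-1. Returns the first one it will not."""
    return (seg.ack + seg.window) % MOD

# Constructed: headers rebuilt from the field values shown in the dump.
FRAME4 = struct.pack("!HHIIHHHH", 35126, 80, 3799174939, 689772740,
                     0x5018, 5840, 0x40B5, 0)   # client -> server, Len 513
FRAME5 = struct.pack("!HHIIHHHH", 80, 35126, 689772740, 3799175452,
                     0x5010, 30660, 0xC8CF, 0)  # server -> client, Len 0

def explain() -> dict:
    f4, f5 = parse_tcp(FRAME4), parse_tcp(FRAME5)
    return {
        # Seq + Len of frame 4: what the server should acknowledge next
        "frame4_next_seq": next_seq(f4, 513),
        "frame5_acks_frame4": f5.ack == next_seq(f4, 513),
        # "Window size" is the receive window of whoever sent the segment
        "client_receive_window": f4.window,
        "server_receive_window": f5.window,
        # After frame 5 the client may send up to (not including) this byte
        "client_may_send_below": window_right_edge(f5),
    }

if __name__ == "__main__":
    for name, value in explain().items():
        print(f"{name}: {value}")
```

The window field is always the receive window advertised by the host that sent the segment. A send window is not carried on the wire: it is bounded by the peer's last advertised window and by the sender's congestion window.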