TCP Protocol
TCP
A -> SYN (knock knock, is anyone there?) -> B
A <- SYN,ACK (yes, someone is here) <- B
A -> ACK (OK, I have something to give you) -> B
A -> ACK,PSH (the data) -> B
A <- ACK (received) <- B
Step 1 Packet# 1
The client 10.44.124.5 requests a connection to 93.184.216.34 by sending a packet with the SYN flag set.
Because the SYN packet carries no actual data, the data length is 0. Wireshark displays the sequence number as 0 (a relative value).
The actual value is a randomly selected 32-bit number, which we humans would find hard to keep up with. In the screenshot you can see that the actual SEQ number from the client is 1932704549 (I have also attached a picture below that shows the actual 32-bit sequence number).
Step 2 Packet# 2
In step 2, the server responds to the client with the ACK and SYN bits set. As in step 1, the data length is zero; no data is transmitted at this stage. The sequence number is set to 0 (relative), and the server acknowledges the client's synchronization request by sending an acknowledgment of 1. The ACK is specific to the SYN the client sent: the acknowledgment number is set to one more than the received sequence number.
Step 3 Packet# 3
Finally, the client acknowledges the server's request for synchronization with ACK 1. The ACK is specific to the SYN the server sent: the acknowledgment number is set to one more than the received sequence number.
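The TCP flags and their meanings are listed below:
* F : FIN - finish; ends the session
* S : SYN - synchronize; requests the start of a session
* R : RST - reset; aborts a connection
* P : PUSH - push; the data is sent immediately
* A : ACK - acknowledgment
* U : URG - urgent
* E : ECE - explicit congestion notification echo
* W : CWR - congestion window reduced
TCP flags in detail: http://www.firewall.cx/networking-topics/protocols/tcp/136-tcp-flag-options.html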
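The three handshake steps and the flag letters above, as an added example (not part of the original post): a small parser that decodes the flag bits of a raw TCP header and recomputes the relative seq/ack numbers that Wireshark displays. The client ISN is the one quoted in Step 1; the server ISN, the ports and the window size are constructed for the example.

```python
import struct

# Flag letters as listed above, ordered from the least significant bit (FIN) up.
FLAG_BITS = "FSRPAUEW"

def parse_tcp(header: bytes) -> dict:
    """Decode the fixed part of a TCP header (ports, seq, ack, offset, flags)."""
    if len(header) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", header[:16])
    flags = "".join(c for i, c in enumerate(FLAG_BITS) if off_flags & (1 << i))
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "header_len": (off_flags >> 12) * 4}

def relative_view(segments):
    """Rewrite seq/ack relative to each side's ISN, as Wireshark displays them."""
    isn = {}   # (address, port) -> initial sequence number, learned from the SYN
    out = []
    for src, dst, raw in segments:
        h = parse_tcp(raw)
        me, peer = (src, h["sport"]), (dst, h["dport"])
        if "S" in h["flags"]:
            isn[me] = h["seq"]
        rel_seq = (h["seq"] - isn[me]) % 2**32 if me in isn else None
        rel_ack = (h["ack"] - isn[peer]) % 2**32 if "A" in h["flags"] and peer in isn else None
        out.append((h["flags"], rel_seq, rel_ack))
    return out

def build(sport, dport, seq, ack, flags):
    """Construct a bare 20-byte header (offset 5, window 64240, checksum 0: all constructed)."""
    bits = sum(1 << FLAG_BITS.index(c) for c in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | bits, 64240, 0, 0)

CLIENT, SERVER = "10.44.124.5", "93.184.216.34"
C_ISN = 1932704549   # client ISN quoted in Step 1
S_ISN = 4294967295   # constructed server ISN, chosen to show 32-bit wraparound
# Constructed handshake; ports 50000 and 80 are assumptions.
HANDSHAKE = [
    (CLIENT, SERVER, build(50000, 80, C_ISN, 0, "S")),
    (SERVER, CLIENT, build(80, 50000, S_ISN, (C_ISN + 1) % 2**32, "SA")),
    (CLIENT, SERVER, build(50000, 80, (C_ISN + 1) % 2**32, (S_ISN + 1) % 2**32, "A")),
]

if __name__ == "__main__":
    for flags, seq, ack in relative_view(HANDSHAKE):
        print(f"[{flags:<2}] seq={seq} ack={ack}")
```

The server ISN sits at the top of the 32-bit range, so the raw acknowledgment number in the third segment wraps to 0 while the relative value is still 1.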
tcpdump
sudo tcpdump -i any -s 0 dst port 111 -Z root -w target.pcap
wireshark
ip
tcp
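Common notices shown in Wireshark
- Cause of TCP Out_of_Order:
Generally this is network congestion: packets sent in sequence arrive at different times, the delay is too long, or packets are lost, so the data units have to be reassembled, because they may have reached your computer over different paths.
- Cause of TCP Retransmission:
Clearly this is data retransmission triggered by the timeout described above.
- Cause of TCP dup ack XXX#X:
This is a duplicate acknowledgment: the number before the # indicates the sequence number at which the segment was lost, and the number after the # indicates how many times it has been lost.
- Cause of tcp previous segment not captured:
It means the segment was not captured, i.e. a segment has been lost.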