Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Delayed ACKs

Posted on 2004-09-23
8
730 Views
Last Modified: 2013-12-27
Can anyone tell me what delayed acks are supposed to look like on a sniffer?

Initially, I thought it was supposed to look like this:

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A <------------ACK----------------  Host B

But isnt the above TCP's sliding window protocol?


thanks!
0
Comment
Question by:dissolved
  • 5
  • 3
8 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 12135326
That could easily be part of an FTP transaction using a sliding window protocol. What port numbers were involved?
0
 

Author Comment

by:dissolved
ID: 12136342
Hi, it was actually HTTP traffic.

 Could someone post what the following would look like on a sniffer:

1. Delayed ACKs

2. Sliding window protocol

3. Nagle algorithm

I'm assuming, the nagle algorithm looks like this:

Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B
Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B

I've read TCP/IP illustrated but am still having trouble recognizing what they would look like.
Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12136535
>  Hi, it was actually HTTP traffic.

Oh, that was probably just packet fragmentation. To determine what you have it is necessary to take the IP headers apart and look at the transfer sizes and sequence numbers.
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:dissolved
ID: 12136781
packets were not fragged.   DF flag was set each time.  

From my understanding, delayed ack is applied to the receiver. Where as nagle algorithm is applied to the sender.  I heard they can compliment each other in terms of piggybacking data.

What I want to know is where does the sliding protocol comes into play here.  I think if the packet is full size (1460 bytes of data), then it doesnt use the nagle algorithm. Rather, it uses sliding protocol.  I also believe nagle is used mostly in interactive sessions.

Can anyone correct me?

Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12139900
> From my understanding, delayed ack is applied to the receiver.

True.

> Where as nagle algorithm is applied to the sender.

Also true.

> What I want to know is where does the sliding protocol comes into play here.

That is an optimization at the TCP/IP stack level and is a means of flow control. Basically the receiver side sets the window size to be the buffer space (usually at the kernel level) remaining. The sender is free to push data out at window sized transfers or less  as long as the receiver isn't advertising a zero window size. Window size advertisements can be occuring while data packets are being received and that will happen if the application is reading data from the buffer at a rate similar to the data arrival rate. In that case a steady-state condition can occur where data packets are in transit while window advertisements are also in transit, which is a very efficient form of data transfer.
0
 

Author Comment

by:dissolved
ID: 12140202
You said the sender can send as much data to the receiver as long as it doesnt go past the receivers window.  The sender can even send less.

If the sender sends less than the receivers window size, how will the receiver know when to ACK?  Won't the delayed ACK timer go off?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12140235
Let me think about that...
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12144124
ACK or delayed ACK would be a function of the packet size and frequency, as I understand it. Essentially that means that the sliding window and ACK behavior are independent functions.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
FreeBSD on EC2 FreeBSD (https://www.freebsd.org) is a robust Unix-like operating system that has been around for many years. FreeBSD is available on Amazon EC2 through Amazon Machine Images (AMIs) provided by FreeBSD developer and security office…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question