Solved

Delayed ACKs

Posted on 2004-09-23
8
720 Views
Last Modified: 2013-12-27
Can anyone tell me what delayed acks are supposed to look like on a sniffer?

Initially, I thought it was supposed to look like this:

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A <------------ACK----------------  Host B

But isnt the above TCP's sliding window protocol?


thanks!
0
Comment
Question by:dissolved
  • 5
  • 3
8 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 12135326
That could easily be part of an FTP transaction using a sliding window protocol. What port numbers were involved?
0
 

Author Comment

by:dissolved
ID: 12136342
Hi, it was actually HTTP traffic.

 Could someone post what the following would look like on a sniffer:

1. Delayed ACKs

2. Sliding window protocol

3. Nagle algorithm

I'm assuming, the nagle algorithm looks like this:

Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B
Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B

I've read TCP/IP illustrated but am still having trouble recognizing what they would look like.
Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12136535
>  Hi, it was actually HTTP traffic.

Oh, that was probably just packet fragmentation. To determine what you have it is necessary to take the IP headers apart and look at the transfer sizes and sequence numbers.
0
 

Author Comment

by:dissolved
ID: 12136781
packets were not fragged.   DF flag was set each time.  

From my understanding, delayed ack is applied to the receiver. Where as nagle algorithm is applied to the sender.  I heard they can compliment each other in terms of piggybacking data.

What I want to know is where does the sliding protocol comes into play here.  I think if the packet is full size (1460 bytes of data), then it doesnt use the nagle algorithm. Rather, it uses sliding protocol.  I also believe nagle is used mostly in interactive sessions.

Can anyone correct me?

Thanks
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 40

Expert Comment

by:jlevie
ID: 12139900
> From my understanding, delayed ack is applied to the receiver.

True.

> Where as nagle algorithm is applied to the sender.

Also true.

> What I want to know is where does the sliding protocol comes into play here.

That is an optimization at the TCP/IP stack level and is a means of flow control. Basically the receiver side sets the window size to be the buffer space (usually at the kernel level) remaining. The sender is free to push data out at window sized transfers or less  as long as the receiver isn't advertising a zero window size. Window size advertisements can be occuring while data packets are being received and that will happen if the application is reading data from the buffer at a rate similar to the data arrival rate. In that case a steady-state condition can occur where data packets are in transit while window advertisements are also in transit, which is a very efficient form of data transfer.
0
 

Author Comment

by:dissolved
ID: 12140202
You said the sender can send as much data to the receiver as long as it doesnt go past the receivers window.  The sender can even send less.

If the sender sends less than the receivers window size, how will the receiver know when to ACK?  Won't the delayed ACK timer go off?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12140235
Let me think about that...
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12144124
ACK or delayed ACK would be a function of the packet size and frequency, as I understand it. Essentially that means that the sliding window and ACK behavior are independent functions.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
need to remove or skip  grub protection password in ubuntu on boot time 2 63
UNIX SCP 5 66
unix in java example 9 53
aix unix tar error 3 42
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now