Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Delayed ACKs

Posted on 2004-09-23
8
Medium Priority
?
743 Views
Last Modified: 2013-12-27
Can anyone tell me what delayed acks are supposed to look like on a sniffer?

Initially, I thought it was supposed to look like this:

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A--------(1514byte frame)------> Host B

Host A <------------ACK----------------  Host B

But isnt the above TCP's sliding window protocol?


thanks!
0
Comment
Question by:dissolved
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 2000 total points
ID: 12135326
That could easily be part of an FTP transaction using a sliding window protocol. What port numbers were involved?
0
 

Author Comment

by:dissolved
ID: 12136342
Hi, it was actually HTTP traffic.

 Could someone post what the following would look like on a sniffer:

1. Delayed ACKs

2. Sliding window protocol

3. Nagle algorithm

I'm assuming, the nagle algorithm looks like this:

Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B
Host A---------(60byte frame)---->   Host B
Host A  <----------ACK-------------    Host B

I've read TCP/IP illustrated but am still having trouble recognizing what they would look like.
Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12136535
>  Hi, it was actually HTTP traffic.

Oh, that was probably just packet fragmentation. To determine what you have it is necessary to take the IP headers apart and look at the transfer sizes and sequence numbers.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:dissolved
ID: 12136781
packets were not fragged.   DF flag was set each time.  

From my understanding, delayed ack is applied to the receiver. Where as nagle algorithm is applied to the sender.  I heard they can compliment each other in terms of piggybacking data.

What I want to know is where does the sliding protocol comes into play here.  I think if the packet is full size (1460 bytes of data), then it doesnt use the nagle algorithm. Rather, it uses sliding protocol.  I also believe nagle is used mostly in interactive sessions.

Can anyone correct me?

Thanks
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12139900
> From my understanding, delayed ack is applied to the receiver.

True.

> Where as nagle algorithm is applied to the sender.

Also true.

> What I want to know is where does the sliding protocol comes into play here.

That is an optimization at the TCP/IP stack level and is a means of flow control. Basically the receiver side sets the window size to be the buffer space (usually at the kernel level) remaining. The sender is free to push data out at window sized transfers or less  as long as the receiver isn't advertising a zero window size. Window size advertisements can be occuring while data packets are being received and that will happen if the application is reading data from the buffer at a rate similar to the data arrival rate. In that case a steady-state condition can occur where data packets are in transit while window advertisements are also in transit, which is a very efficient form of data transfer.
0
 

Author Comment

by:dissolved
ID: 12140202
You said the sender can send as much data to the receiver as long as it doesnt go past the receivers window.  The sender can even send less.

If the sender sends less than the receivers window size, how will the receiver know when to ACK?  Won't the delayed ACK timer go off?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12140235
Let me think about that...
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12144124
ACK or delayed ACK would be a function of the packet size and frequency, as I understand it. Essentially that means that the sliding window and ACK behavior are independent functions.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In tuning file systems on the Solaris Operating System, changing some parameters of a file system usually destroys the data on it. For instance, changing the cache segment block size in the volume of a T3 requires that you delete the existing volu…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question