Re: Duplicate TCP sequence numbers

From: Paul Hilton (paul_hilton_at_compuserve.com)
Date: 04/12/04 

Date: Mon, 12 Apr 2004 18:44:28 GMT

On Thu, 08 Apr 2004 17:38:38 +0000, Tauno Voipio wrote:
>
> The tcpdump output is somewhat difficult to decode sometimes.
>
> I suspect that you are following the wrong sequence. There are
> two sequence numbers in each segment: the number expected to be
> received next and the number of the first data in the current
> segment. If there is no data in the segment, the sent number
> stays put. An ACK segment is simply a segment with no data.
>
> The ACK flag name is somewhat misleading: actually it says:
> I have synchronized with your send sequence numbers with my
> ACK numbers.
>
> Please get the Ethereal network dumper (tethereal for no X)
> and trace the connection again.
>
> HTH
>
> Tauno Voipio
> tauno voipio @ iki fi

Tauno,

Thanks very much for your help.

OK, I've got ethereal, learned how to make it work, captured the same
sequence. You are quite right, the output is much easier to follow.

However the same thing shows up, I could email the actual dump if it
helps, packets 3 and 4, both from my computer, have the same sequence number.
(and the same problem later).

Here is the summary: (appologies for the line lengths)
    No. Time Source Destination Protocol Info
      1 0.000000 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [SYN] Seq=180881316 Ack=0 Win=5840 Len=0
      2 0.018201 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [SYN, ACK] Seq=148578 Ack=180881317 Win=512 Len=0
      3 0.018280 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [ACK] Seq=180881317 Ack=148579 Win=5840 Len=0
      4 0.018873 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [PSH, ACK] Seq=180881317 Ack=148579 Win=5840 Len=8
      5 0.041082 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [ACK] Seq=148579 Ack=180881325 Win=512 Len=0
      6 0.365783 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [PSH, ACK] Seq=148579 Ack=180881325 Win=512 Len=11
      7 0.365861 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [ACK] Seq=180881325 Ack=148590 Win=5840 Len=0
      8 0.379847 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [FIN, ACK] Seq=148590 Ack=180881325 Win=512 Len=0
      9 0.379980 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [FIN, ACK] Seq=180881325 Ack=148591 Win=5840 Len=0
     10 0.392271 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [FIN, ACK] Seq=148590 Ack=180881325 Win=512 Len=0
     11 0.392386 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [ACK] Seq=180881326 Ack=148591 Win=5840 Len=0
     12 0.398712 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [ACK] Seq=148591 Ack=180881326 Win=512 Len=0
     13 0.411110 192.168.1.10 Candide.acculin TCP cadlock2 > 41666 [ACK] Seq=148591 Ack=180881326 Win=512 Len=0
     14 0.411134 Candide.acculin 192.168.1.10 TCP 41666 > cadlock2 [RST] Seq=180881326 Ack=0 Win=0 Len=0
 
Paul

Relevant Pages

  • Re: Cantor Confusion
    ... So, the notion of a sequence derives really from an inductive definition such as Peano's, and not from the one primitive in set theory, membership, alone. ... For any given n, the number of steps, the staircase is defined as the sequence of segment offset pairs: ... No, that is no simpler, and does not capture the direction or magnitude of any segment in a single pair. ... If this is a valid formulation of the two objects, and an explanation for Chas' counterexample to infinite-case induction, where does this fit with set theory? ...
    (sci.math)
  • Re: Compact subsets of {0,1}^N
    ... > the case where a is the empty sequence, ie a sequence of length 0: ... > T be the tree of all finite sequences a such that S_a intersect K ... > f(every finite initial segment of a) is an initial segment of f. ... each of which is a sibling. ...
    (sci.math)
  • Re: (My Review)Yeah, I watched the FMA Premium OVA Collection earlier, and...(no spoilers)
    ... tell that there was a few years between the release of the movie ... There is a live-action segment ... I thought the Chibi wrap aprty was -hilarious-. ... It's competently handled, and the "Kids" sequence is great, but except ...
    (rec.arts.anime.misc)
  • No Unique Initial Segment And No Characteristic Expansion
    ... Infinite people each flip coins infinite times. ... sequence that is different to everyone's sequence in atleast one flip. ... Unique Initial Segment, it does have a Characteristic Expansion. ...
    (sci.logic)
  • Re: Cantor Confusion
    ... But everyone says they make an adequate model for the naturals, ... If the sequence consists of segments of the form or, there ... is no segment which is diagonal in direction. ... I'm suggesting a definition of the curve as a sequence of pairs ...
    (sci.math)