V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
jimy1
V2EX  ›  问与答

请高手帮忙分析 wireshark 抓包出现的单向重传和发送包长度为 0 的问题,先谢谢

  •  
  •   jimy1 · 2017-11-17 11:00:04 +08:00 · 2538 次点击
    这是一个创建于 2324 天前的主题,其中的信息可能已经有所发展或是发生改变。

    如下是拷贝的抓包描述,每次 10.254.251.74 发给 10.254.251.103 都会发 2 次然后才会有从 103 回包,wireshark 提示[TCP Out-Of-Order](应该是因为 2 次的 seq 号一样导致)

    还有一个问题就是隔几个包 10.254.251.103 会给 10.254.251.74 发送一次长度为 0 的包,然后才发送包含数据的报文。

    10.254.251.103 是客户端,和 10.254.251.74 长连接发送业务数据,10.254.251.74 会存储收到的业务数据,10.254.251.74 收到业务数据后回“ 0004OK..”给 10.254.251.103 (如果回的时候 socket 写不成功,则会尝试重写 3 次,连接不断只重写)

    850	0.297317	10.254.251.103	10.254.251.74	TCP	52633 > 9978 [PSH, ACK] Seq=1 Ack=1 Win=115 Len=693 TSV=1983788074 TSER=3365181331
    857	0.299894	10.254.251.74	10.254.251.103	TCP	9978 > 52633 [PSH, ACK] Seq=1 Ack=694 Win=670 Len=8 TSV=3365181648 TSER=1983788074
    858	0.299919	10.254.251.74	10.254.251.103	TCP	[TCP Out-Of-Order] 9978 > 52633 [PSH, ACK] Seq=1 Ack=694 Win=670 Len=8 TSV=3365181648 TSER=1983788074
    859	0.300071	10.254.251.103	10.254.251.74	TCP	52633 > 9978 [ACK] Seq=694 Ack=9 Win=115 Len=0 TSV=1983788077 TSER=3365181648
    868	0.303283	10.254.251.103	10.254.251.74	TCP	52633 > 9978 [PSH, ACK] Seq=694 Ack=9 Win=115 Len=689 TSV=1983788080 TSER=3365181648
    871	0.303439	10.254.251.74	10.254.251.103	TCP	9978 > 52633 [PSH, ACK] Seq=9 Ack=1383 Win=670 Len=8 TSV=3365181651 TSER=1983788080
    872	0.303441	10.254.251.74	10.254.251.103	TCP	[TCP Out-Of-Order] 9978 > 52633 [PSH, ACK] Seq=9 Ack=1383 Win=670 Len=8 TSV=3365181651 TSER=1983788080
    873	0.305156	10.254.251.103	10.254.251.74	TCP	52633 > 9978 [PSH, ACK] Seq=1383 Ack=17 Win=115 Len=689 TSV=1983788082 TSER=3365181651
    875	0.305851	10.254.251.74	10.254.251.103	TCP	9978 > 52633 [PSH, ACK] Seq=17 Ack=2072 Win=670 Len=8 TSV=3365181654 TSER=1983788082
    876	0.305929	10.254.251.74	10.254.251.103	TCP	[TCP Out-Of-Order] 9978 > 52633 [PSH, ACK] Seq=17 Ack=2072 Win=670 Len=8 TSV=3365181654 TSER=1983788082
    881	0.307979	10.254.251.103	10.254.251.74	TCP	52633 > 9978 [PSH, ACK] Seq=2072 Ack=25 Win=115 Len=748 TSV=1983788084 TSER=3365181654
    888	0.309467	10.254.251.74	10.254.251.103	TCP	9978 > 52633 [PSH, ACK] Seq=25 Ack=2820 Win=670 Len=8 TSV=3365181657 TSER=1983788084
    889	0.309472	10.254.251.74	10.254.251.103	TCP	[TCP Out-Of-Order] 9978 > 52633 [PSH, ACK] Seq=25 Ack=2820 Win=670 Len=8 TSV=3365181657 TSER=1983788084
    
    第 1 条附言  ·  2017-11-22 17:53:38 +08:00
    更新对端的抓包记录(截取了一段),TCP Out-Of-Order 在客户端也是每次发送都会出现,但多一个 TCP Dup ACK,TCP Dup ACK 大概每 15 个包会出现一次,先谢谢帮忙的各位:


    1 0.000000 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=1 Ack=1 Win=817 Len=8 TSV=132194778 TSER=3044963545
    4 0.019092 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [PSH, ACK] Seq=1 Ack=9 Win=115 Len=672 TSV=3044963566 TSER=132194778
    5 0.019111 10.254.251.103 10.254.251.74 TCP [TCP Out-Of-Order] 39934 > 9978 [PSH, ACK] Seq=1 Ack=9 Win=115 Len=672 TSV=3044963566 TSER=132194778
    6 0.020369 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=9 Ack=673 Win=817 Len=8 TSV=132194799 TSER=3044963566
    7 0.023970 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [PSH, ACK] Seq=673 Ack=17 Win=115 Len=786 TSV=3044963571 TSER=132194799
    8 0.023976 10.254.251.103 10.254.251.74 TCP [TCP Out-Of-Order] 39934 > 9978 [PSH, ACK] Seq=673 Ack=17 Win=115 Len=786 TSV=3044963571 TSER=132194799
    9 0.024614 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=17 Ack=1459 Win=817 Len=8 TSV=132194803 TSER=3044963571
    10 0.027786 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [PSH, ACK] Seq=1459 Ack=25 Win=115 Len=692 TSV=3044963575 TSER=132194803
    11 0.027791 10.254.251.103 10.254.251.74 TCP [TCP Out-Of-Order] 39934 > 9978 [PSH, ACK] Seq=1459 Ack=25 Win=115 Len=692 TSV=3044963575 TSER=132194803
    12 0.028712 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=25 Ack=2151 Win=817 Len=8 TSV=132194807 TSER=3044963575
    13 0.036293 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [PSH, ACK] Seq=2151 Ack=33 Win=115 Len=843 TSV=3044963584 TSER=132194807
    14 0.036300 10.254.251.103 10.254.251.74 TCP [TCP Out-Of-Order] 39934 > 9978 [PSH, ACK] Seq=2151 Ack=33 Win=115 Len=843 TSV=3044963584 TSER=132194807
    15 0.036581 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=33 Ack=2994 Win=817 Len=8 TSV=132194815 TSER=3044963584
    第 2 条附言  ·  2017-11-22 17:54:08 +08:00
    16 0.040643 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [PSH, ACK] Seq=2994 Ack=41 Win=115 Len=691 TSV=3044963588 TSER=132194815
    17 0.040651 10.254.251.103 10.254.251.74 TCP [TCP Out-Of-Order] 39934 > 9978 [PSH, ACK] Seq=2994 Ack=41 Win=115 Len=691 TSV=3044963588 TSER=132194815
    18 0.041855 10.254.251.74 10.254.251.103 TCP 9978 > 39934 [PSH, ACK] Seq=41 Ack=3685 Win=817 Len=8 TSV=132194820 TSER=3044963588
    33 0.081157 10.254.251.103 10.254.251.74 TCP 39934 > 9978 [ACK] Seq=3685 Ack=49 Win=115 Len=0 TSV=3044963629 TSER=132194820
    34 0.081162 10.254.251.103 10.254.251.74 TCP [TCP Dup ACK 33#1] 39934 > 9978 [ACK] Seq=3685 Ack=49 Win=115 Len=0 TSV=3044963629 TSER=132194820
    3 条回复    2017-11-22 17:56:55 +08:00
    hcymk2
        1
    hcymk2  
       2017-11-17 11:05:21 +08:00
    TCP Dup ACK ?
    jimy1
        2
    jimy1  
    OP
       2017-11-17 11:30:39 +08:00
    抓包文件打开后没有这个提示,只提示了 [TCP Out-Of-Order]
    jimy1
        3
    jimy1  
    OP
       2017-11-22 17:56:55 +08:00
    up,同问追加提问时 是不是和提问一样的支持行首 tab 键是代码格式?
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   我们的愿景   ·   实用小工具   ·   2809 人在线   最高记录 6543   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 14:57 · PVG 22:57 · LAX 07:57 · JFK 10:57
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.