Hi there,
I'm trying to use Ethereal to reconstruct a TCP communication.
What I'm retrieving is the traffic of a simple web session
initiated from Mozilla in Linux to a website. I'm especially
interested in the send window size and the receive window size
at that certain time point for each packet.
The segment of output is as follows. I have no clue about
what "window size" means in the output. The "next sequence number"
also seems bizarre to me. Does anybody have an idea? Thanks a lot.

Frame 4 (567 bytes on wire, 567 bytes captured)
Arrival Time: Oct 26, 2003 19:46:20.971335000
Time delta from previous packet: 0.000097000 seconds
Time relative to first packet: 0.040945000 seconds
Frame Number: 4
Packet Length: 567 bytes
Capture Length: 567 bytes
......
Source: 128.105.111.141 (128.105.111.141)
Destination: 216.239.39.99 (216.239.39.99)
Transmission Control Protocol, Src Port: 35126 (35126), Dst Port: www
(80), Seq: 3799174939, Ack: 689772740, Len: 513
Source port: 35126 (35126)
Destination port: www (80)
Sequence number: 3799174939
Next sequence number: 3799175452
Acknowledgement number: 689772740
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 1... = Push: Set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 5840
Checksum: 0x40b5 (correct)

Frame 5 (60 bytes on wire, 60 bytes captured)
Arrival Time: Oct 26, 2003 19:46:21.012698000
Time delta from previous packet: 0.041363000 seconds
Time relative to first packet: 0.082308000 seconds
Frame Number: 5
Packet Length: 60 bytes
Capture Length: 60 bytes
......
Source: 216.239.39.99 (216.239.39.99)
Destination: 128.105.111.141 (128.105.111.141)
Transmission Control Protocol, Src Port: www (80), Dst Port: 35126
(35126), Seq: 689772740, Ack: 3799175452, Len: 0
Source port: www (80)
Destination port: 35126 (35126)
Sequence number: 689772740
Acknowledgement number: 3799175452
Header length: 20 bytes
Flags: 0x0010 (ACK)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...1 .... = Acknowledgment: Set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..0. = Syn: Not set
.... ...0 = Fin: Not set
Window size: 30660
Checksum: 0xc8cf (correct)
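
Added example (not part of the original post and not Ethereal's own code): a small parser for the text output above that derives "Next sequence number" as Seq + Len modulo 2^32 and, from each segment's Ack and Window size, the right edge of the receive window that the segment's sender is advertising to its peer. The function names and the trimmed SAMPLE text are assumptions made for this illustration; the window is taken unscaled, since any window-scale option would be in the SYN segments, which are not shown, and neither frame carries SYN or FIN.

```python
import re

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

# Constructed sample: only the relevant lines of frames 4 and 5 from the post.
SAMPLE = """\
Frame 4 (567 bytes on wire, 567 bytes captured)
Source: 128.105.111.141 (128.105.111.141)
Transmission Control Protocol, Src Port: 35126 (35126), Dst Port: www
(80), Seq: 3799174939, Ack: 689772740, Len: 513
Window size: 5840
Frame 5 (60 bytes on wire, 60 bytes captured)
Source: 216.239.39.99 (216.239.39.99)
Transmission Control Protocol, Src Port: www (80), Dst Port: 35126
(35126), Seq: 689772740, Ack: 3799175452, Len: 0
Window size: 30660
"""

def parse_frames(text):
    """Return one dict per TCP frame with the fields relevant to windowing."""
    frames = []
    # re.split with a capture group yields [prefix, num, body, num, body, ...]
    parts = re.split(r"^Frame (\d+)\b", text, flags=re.M)
    for num, body in zip(parts[1::2], parts[2::2]):
        src = re.search(r"^Source: (\S+)", body, re.M)
        tcp = re.search(r"Seq: (\d+), Ack: (\d+), Len: (\d+)", body)
        win = re.search(r"^Window size: (\d+)", body, re.M)
        if not (src and tcp and win):
            continue  # not a TCP frame, or the output was truncated
        seq, ack, length = map(int, tcp.groups())
        frames.append({
            "frame": int(num), "src": src.group(1),
            "seq": seq, "ack": ack, "len": length,
            # First byte NOT covered by this segment (payload only, no SYN/FIN).
            "next_seq": (seq + length) % MOD,
            # Receive window the SENDER of this segment advertises to its peer.
            "window": int(win.group(1)),
        })
    return frames

def advertised_right_edge(frame):
    """Highest sequence number (exclusive) the peer may send: Ack + Window."""
    return (frame["ack"] + frame["window"]) % MOD

if __name__ == "__main__":
    for f in parse_frames(SAMPLE):
        print(f["frame"], f["src"], "next_seq", f["next_seq"],
              "peer may send up to", advertised_right_edge(f))
```

Frame 5's Ack equals frame 4's next sequence number, i.e. the server has acknowledged all 513 bytes of the request.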