Ethereal-users: Re: [Ethereal-users] traffic analysis, help please

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Muzalina Zakaria <muzalina_zakaria@xxxxxxxxx>
Date: Fri, 24 Dec 2004 19:54:26 -0800 (PST)
When I go to Statistics>Summary after each capture, it always gives me Dropped Packets: 0 but I do encounter segment lost and retransmission.  What does Dropped Packets really mean?

ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
"Previous Segment Lost" means just that: the previous segment was
missing from the capture.

Was this segment immediately ACKed by the other side?
I.e. was there an ACK coming back reasonably soon after this segment
that ACKed what was marked as the "next sequence number" for the
"prev segm lost" packet or beyond that number ?
If so, it is very likely that the packet did go across the wire but
it was just missing from the capture.

Or,

Are there DupACKs and is there sometime later a TCP Retransmission
with a sequence number that is prior to the one in the "prev segment
lost" packet?
If so, the packet was probably lost.

Or,

Is there an OutOfOrder segment just immediately after the previous segment lost?
If so it is probably just packet reordering in the network which is normal.



Keep in mind, packet loss in the network is normal and cannot be eliminated.
In fact, due to the way TCP works, TCP must deliberately create
packet loss in order to be able to optimize throughput.


If only a few packets are missing and retransmitted then this is
normal and expected.
This is Ethernet and TCP/IP; it is supposed to be lossy.




On Fri, 24 Dec 2004 06:37:34 -0800, Brian Davidson wrote:
> Okay, I see that a TCP Packet was lost, but I guess I want a fuller definition of the word "lost". Yes, the packet might actually not be there. Beyond that, how likely is it that the traffic was so heavy on the line that Ethereal did not have resources to capture and save it? I need to know if "TCP Previous Segment Lost" means absolutely that it was missing, rather than "slipped past while Ethereal was busy". Is there some other indicator in the capture file that traffic volume got high enough to affect the ability to record?
>
> I'll next ask this question of Cisco. Any idea what their answer will be?
>
> Thanks, Brian
>
> On Thu, 26 Aug 2004 17:08:24 +1000, ronnie wrote:
> >
> > They more than likely mean that you have packet loss somewhere on the
> > path between the two hosts.
> >
> > So that TCP needs to retransmit the packets.
> > 1, is an indication of TCP retransmitting a previously dropped packet.
> > 2, is an indication that one or more packets prior to this one in the
> > sequence number space were lost.
> >
> >
> > On Wed, 25 Aug 2004 11:21:03 -0500, Neil wrote:
> > > Hey guys,
> > >
> > > I'm trying to understand traffic. I am seeing the following in Ethereal. Can
> > > someone help me understand what that traffic means?
> > >
> > > 1. TCP Retransmission
> > > 2. TCP Previous Segment Lost
> > >
> > > Thanks,
> > >
> > > Neil
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>

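The three checks from the quoted reply above, written out as an added Python example (not part of the original thread and not Ethereal's own analysis code). The `Pkt` record, the function names, the `soon` threshold and the three traces are assumptions constructed for illustration; sequence-number wraparound and SACK are ignored.

```python
from collections import namedtuple

# One captured TCP packet; src "C" is the data sender, "S" the receiver.
Pkt = namedtuple("Pkt", "t src seq length ack")

def find_gap(pkts, sender):
    """Index of the first segment from `sender` that skips sequence space, and the gap start."""
    expected = None
    for i, p in enumerate(pkts):
        if p.src != sender or p.length == 0:
            continue
        if expected is not None and p.seq > expected:
            return i, expected
        expected = max(expected or 0, p.seq + p.length)
    return None, None

def classify_gap(pkts, sender, soon=0.2):
    """Apply the reply's three checks; `soon` (seconds) is an assumed bound."""
    i, gap_start = find_gap(pkts, sender)
    if i is None:
        return "no gap"
    flagged = pkts[i]
    next_seq = flagged.seq + flagged.length
    dup_acks, first_data = 0, True
    for p in pkts[i + 1:]:
        if p.src == sender and p.length > 0:
            if p.seq < flagged.seq:  # segment that fills the hole
                if first_data and dup_acks == 0:
                    return "reordered in the network"
                return "lost in the network, retransmitted"
            first_data = False
        elif p.src != sender:
            if p.ack >= next_seq and p.t - flagged.t <= soon:
                return "missing from the capture only"
            if p.ack == gap_start:  # receiver still asking for the hole
                dup_acks += 1
    return "undetermined"

# Constructed traces: bytes 101-200 never appear before the segment at 201.
CAPTURE_ONLY = [Pkt(0.000, "C", 1, 100, 1), Pkt(0.001, "C", 201, 100, 1),
                Pkt(0.010, "S", 1, 0, 301)]
LOST = [Pkt(0.000, "C", 1, 100, 1), Pkt(0.001, "C", 201, 100, 1),
        Pkt(0.010, "S", 1, 0, 101), Pkt(0.011, "C", 301, 100, 1),
        Pkt(0.020, "S", 1, 0, 101), Pkt(0.250, "C", 101, 100, 1)]
REORDERED = [Pkt(0.000, "C", 1, 100, 1), Pkt(0.001, "C", 201, 100, 1),
             Pkt(0.0012, "C", 101, 100, 1), Pkt(0.010, "S", 1, 0, 301)]
if __name__ == "__main__":
    for name in ("CAPTURE_ONLY", "LOST", "REORDERED"):
        print(name, "->", classify_gap(globals()[name], "C"))
```

The "capture only" verdict is the one that matters for the Dropped Packets question: the receiver acknowledged bytes the capture never recorded, so the capture point missed the segment even though it crossed the wire.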