Beware that the role SGSN and BTS or RNC play isn't just that of a router!
They actually do stateful inspection, queueing and retransmission.
That means that unless you have an ideal connection (~0dB) on the air
interface won't see the same things in the Gi(CoreNetwork->IP) and in
the R(Mobile->PC) interface.
On 1/25/06, fonte fonte <fonte_monte@xxxxxxxxx> wrote:
> Why do I get so many Out-of-Order and Retransmitted packets on the client
> side (hundreds of them)? This doesn't match the server side at all which has
> very few, if any of those packets. This is definitely Not due to GPRS dial
> up I'm using. Any input is really appreciated.
>
> fonte fonte <fonte_monte@xxxxxxxxx> wrote:
>
> Hi all.
>
> I wish to have some inputs on my capture findings. Before that I will
> describe the case scenario.
>
> Initially, I have a FTP server installed at my college, was given a
> specific IP for it and going through the college gateway to the outside
> world. On the client side, I was using GPRS dial up to access my server and
> I use Ethereal to capture at both sides while downloading the file.
>
> After a while, the college decided they couldn't allow me to put my server
> there anymore due to some firewall issue etc. As a result, I relocated my
> server to my home and put it behind a Linksys wireless router and connected
> it through my broadband internet.
>
> However, when I compared the captures I got from both situations, it
> differed somewhat. Basically, when my server was at my college,
> server-client captures more or less matched each other - this I refer to the
> Info column of Ethereal display window. Example is on the first SYN sent.
>
> From server capture:
> source = client, destination = server:
> 3050 > ftp [SYN] Seq=0 Ack=0 Win=32768 Len=0 MSS=1380 TSV=0 TSER=0
> In Packet Details pane, Options = 20 bytes
>
> From client capture:
> source = client, destination = server
> 3050 > ftp [SYN] Seq=0 Ack=0 Win=32768 Len=0 MSS=1460 TSV=0 TSER=0
> In Packet Details pane, Options = 20 bytes
>
> Here, the only different I notice is the MSS value. Why was the MSS val ue
> different?
>
> I ran the two captures through tcptrace and I noticed a small amount of
> packet retransmissions. From the server capture, 5 packets were
> retransmitted on the server-to-client direction when downloading file. From
> the client capture, 2 packets were retransmitted on the server-to-client
> direction.
>
> Now, when my server was relocated to my home, somehow the server-client
> captures differed greatly and I know this is most probably be due to the
> changed network architecture. Nevertheless I wish for a detail explanation
> on it. Example is also on the first SYN sent.
>
> From server capture:
> source = client, destination = server:
> 23395 > ftp [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1380
> In Packet Details pane, Options = 4 bytes
>
> From client capture:
> source = client, destination = server
> 3031 > ftp [SYN] Seq=0 Ack=0 Win=64240 Len=0 MSS=1460 TSV=0 TSER=0
> In Packet Details pane, Op tions = 20 bytes
>
> Here, port number, Win, MSS and Options values were different. Can anyone
> please help explain why? I hadn't changed any settings in both server-client
> systems.
>
> On tcptrace, a more bizarre findings. From the server capture, 3 packets
> were retransmitted on the server-to-client direction when downloading file.
> From the client capture, 251 packets were retransmitted on the
> server-to-client direction. I am totally lost! In Ethereal, these are a mix
> of retransmitted and out-of-order packets. Please anyone, any input is
> really appreciated.
>
> One more thing, when I opened the client capture which consists of this too
> many retransmitted packets, I get an error 'The capture file appears to have
> been cut short in the middle of a packet'. I'm using version 0.10.13.
>
> I hope my case is really clear. I had not attached any capture (one is
> about 1000+ KB) however if it is needed I would emai l it.
>
> Any input, suggestion, comment, feedback is greatly appreciated.
>
> Thanks all.
>
>
> ________________________________
> Yahoo! Photos
> Got holiday prints? See all the ways to get quality prints in your hands
> ASAP.
>
>
> ________________________________
> Do you Yahoo!?
> With a free 1 GB, there's more in store with Yahoo! Mail.
>
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>
>
>
--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan
