
Wireshark-dev: Re: [Wireshark-dev] Initial RTT

From: Jasper Bongertz <jasper@xxxxxxxxxxxxxx>
Date: Thu, 3 Jul 2014 12:45:00 +0200
> 2014-07-02 20:59 GMT+02:00 Jasper Bongertz <jasper@xxxxxxxxxxxxxx>:

> Hello,
>  
>    as promised during Sharkfest, I checked the latest developer builds
>    for the accuracy of the calculation of initial RTT for TCP
>    connections. So far I have only seen correct results, even in cases
>    with heavy packet loss during the three-way handshake. So I think
>    the code is good.
>  
>    I also checked traces where the TCP expert was incorrectly assuming
>    a retransmission when it was in fact an out-of-order packet. Those
>    are now correctly identified, at least when we have the handshake
>    and thus initial RTT. Thumbs up for that.
>  
>    Regarding the way to handle missing handshakes - I would go with the
>    old 3ms arbitrary value in that case, because most Wireshark
>    captures are taken in local network environments. Higher values are
>    problematic because retransmissions are not flagged anymore and
>    called out-of-order instead, which could lead to a lot of confusion
>    out there. I prefer false positives for retransmissions over
>    out-of-orders.
>  
>    Again, thanks for the effort!
>  
>  Cheers,
>  Jasper

> Hi,

> if it is working great (Evan changed the timer back to its old 3ms
> arbitrary value in case we do not have the handshake) would it make
> sense to backport this change from the development branch to the
> 1.12 one (before Wireshark 1.12 gets released)?
>   

> Regards,
> Pascal.

Yes, it would definitely be nice to have it in 1.12 if possible.

Cheers,
Jasper
