On Apr 22, 2009, at 7:53 AM, Kaushal Shriyan wrote:
I am referring to http://networking.ringofsaturn.com/IP/howtrafficflows.php
.
I have couple of questions.
1) Line 10 says HTTP Continuation,that means a user is visiting the
links and urls on that webpage ?
"HTTP Continuation" means that reassembly of multi-TCP-segment HTTP
requests or replies isn't happening, and the packet doesn't look like
the beginning of an HTTP request or reply, so that packet is probably
a TCP segment that's part of the HTTP reply that begins in an earlier
packet (packet 9).
I.e., as that page says:
The HTTP Continuation lines represent where the contents of the html
page are sent over. It includes text, links, etc.
I mean he is surfing www.cyberguard.com given in that example,is
that correct what i understand ?
As the page says, packet 8 has a request for a page from 64.94.50.88 (www.cyberguard.com
), and packets 9 and 10 have the reply from www.cyberguard.com giving
the page in question.
2) when the user close the browser on his workstation, so line 11
and line 12 happens next ?
Packet 11 is the user's machine acknowledging, at the TCP layer, that
it received some packets from the server, probably all TCP packets up
to packet 10. It has nothing to do with the user closing the browser.
Packet 12 might be the result of closing the browser, or the browser
might be closing the connection for other reasons.
