Hi Martin,
Thank you for your quick and precious explanation. There are Riverbeds in our WAN.
If possible could you please point me to papers/links about how Riverbed intercept packets between user and server (for example, does Riverbed inspect packet's payload to compress/de-compress, put back its original header, and forward the packet to its destination (or another Riverbed)
Once again, I greatly appreciate your help.
Regards,
PV
--- On Sat, 3/27/10, Martin Visser <martinvisser99@xxxxxxxxx> wrote:
From: Martin Visser <martinvisser99@xxxxxxxxx>
Subject: Re: [Wireshark-users] Immediate ACK from server
To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
Date: Saturday, March 27, 2010, 11:29 PM
More than likely, assuming your measurements are correct, there is a local "blackbox" between user and the server. This will possibly be an old-school application proxy (or a firewall acting as such a proxy), a device like Packeteer doing traffic-shaping, or a new-age WAN acceleration device (such as from Riverbed, or a Juniper WX or Cisco WAAS).
These all can fake the ACK, and do so simply to either avoid the problems of delay on WAN traffic, either trying to serve cached traffic or manage the sliding Window to improve (or hinder) your throughput. Regards, Martin MartinVisser99@xxxxxxxxx
-----Inline Attachment Follows-----
|
