TCP Zero Window, Window Full, Window Change, and other Window indicators
One of the most important mechanisms of TCP is the Sliding Window mechanism, and the Flow Control mechanism that uses it in order to control the amount of data that a TCP end node is willing to accept on the connection.
In this recipe we will focus on these types of problems, and how to discover the problem and solve it.
Getting ready
Connect Wireshark with a port mirror to the suspected link or server, and start capture. Keep track of every window message you will see in the capture window.
How to do it...
There are several types of window messages that you should be aware of:
TCP Zero Window, Zero Window Probe, and Zero Window Violation
TCP Zero Window occurs when a receiver advertises ...
Get Network Analysis Using Wireshark Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
