TCP troubleshooting
In this section we will learn about different network problems that occur and try to analyze and solve them with lab exercises. Let's start with the Reset
(RST
) packet.
TCP reset sequence
The TCP RST
flag resets the connection. It indicates that the receiver should delete the connection. The receiver deletes the connection based on the sequence number and header information. If a connection doesn't exist on the receiver RST
is set, and it can come at any time during the TCP connection lifecycle due to abnormal behavior. Let's take one example: a RST
packet is sent after receiving SYN/ACK
, as shown in the next image.
RST after SYN-ACK
In this example we will see why RST
has been set after SYN-ACK
instead of ACK
:
Open the RST-01.pcap ...
Get Packet Analysis with Wireshark now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.