The Oldcommguy
Sep 13, 20171 min
When I see TCP Retransmissions and Dup ACKs in a trace I naturally think about packet loss, but that's not the only cause. The TCP Checksum mechanism is used to check the integrity of the TCP payload (or segment) and, although it's rare to see genuine checksum errors in a trace, it's another cause of retransmissions.
For Wireshark users there's good and bad news. The good news is that Wireshark can check each packet for TCP Checksum errors. The bad news is that they are not always genuine errors. So how can we tell the difference?
In this video we look at the practical effects of genuine and false TCP Checksum errors.
I use the Workbench Matcher function in this video to compare two traces. The Workbench Workflow Library now includes a workflow that gives comprehensive guidance to Matcher, including videos showing the steps involved. You can still get a free copy of Workbench from the Downloads section of the TribeLab Community website - https://community.tribelab.com
Best regards...Paul