Tagged: Tcp

Monday, Sep 24, 2018

A Fast Analysis of TCP Fast Open

Part 3 of our series exploring TCP examines the TCP “Fast Open” option and what to look for when troubleshooting TCP Fast Open (TFO) is an optional mechanism within TCP that lets endpoints that have established a full TCP connection in the past eliminate a round-trip of the handshake and send data right away. This speeds things up for endpoints that are going to keep talking to each other in the future and is especially beneficial on high-latency networks where time-to-first-byte is critical.

Read the whole entry »

Tuesday, Aug 28, 2018

The TCP Timestamp Option

We’re on a mission to tackle TCP, take it apart, and learn more about how it makes the internet work. Sample Captures Ahead! As always, we've gathered up the captures mentioned in this article into this collection over on CloudShark Did you know you can make collections just like this with CloudShark too? Learn more... Sample Captures Ahead! As always, we've gathered up the captures mentioned in this article into this collection over on CloudShark Did you know you can make collections just like this with CloudShark too?

Read the whole entry »

Monday, Aug 20, 2018

TCP Window Scaling

How Window Scaling keeps TCP moving at top speed Protocol choices made in older internet standards don’t scale to today’s network speeds. TCP (Transmission Control Protocol) has been making networks go for a very, very long time. As with many of the early internet protocols, limitations that seemed reasonable then can have a negative effect on performance now. Protocol designers allowed for future options to augment existing fields in order to keep them working effectively into the future.

Read the whole entry »

Monday, May 7, 2018

The effects of traffic bursts on network hardware

We’ve written extensively about the phenomenon of network microbursts and how to use the iPerf network performance tool to create them in order to test their effects on your network. Our interest in them grew out of our work with Velocimetrics, since microbursts can have pretty significant effects in financial/trade markets. Our journey down the rabbit-hole got us interested in seeing the effects of microbursts on switches and interfaces in a test network.

Read the whole entry »

Monday, Apr 30, 2018

How do you test microburst effects using iPerf?

Bursty traffic, particularly microbursts, are an often overlooked phenomenon that can cause serious issues with network performance. We’ve explained before what microbursts are and what they look like, but how can you use existing tools to test your network’s reliability in the presence of microbursts? How can I test network throughput? iPerf is one of the most commonly used tools to test network throughput. From their site: iPerf3 is a tool for active measurements of the maximum achievable bandwidth on IP networks.

Read the whole entry »

Saturday, Apr 14, 2018

What is a network microburst and how can you detect them?

When packets are transmitted from one interface to another, they aren’t necessarily delivered consistently. When a multitasking OS gives CPU time to the network process, it will send as much data as it can in the shortest time. In addition, for each “hop” that data traverses, buffering and other resource bottlenecks inherently make most traffic “bursty”. However, not all bursts are easily detected. A tool with fine enough granularity

Read the whole entry »

Tuesday, Jan 30, 2018

Using Follow Stream for Packet Capture Analysis

When getting to the heart of an application or security problem, finding the right TCP stream and following it using the “Follow TCP Stream” view in CloudShark is usually the place you want to get to in order to see an issue in action, for a great many use cases. But how do you find the right stream, and what should you look for once you’re viewing it? What is a stream?

Read the whole entry »

Thursday, Oct 4, 2012

Solution to Packet Capture Challenge #5 - TCP Fast Open and Home Routers

This challenge is now concluded! Read the solution below or scroll down for the original challenge! The Solution So, what’s going on here? This communication is happening over a home gateway using Network Address Translation, or NAT. This is very common in home networks as it allows a Service Provider to use only one public address to represent many hosts. It also has an interesting side effect of acting as a natural firewall.

Read the whole entry »

About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: