http request

hi guys,

I recently started to use wireshark for education purposes. The first thing I tried was to capture the traffic while opening a browser to google (http request).

I have some questions about the output.

First I see the 3 way handshake, no problem here. Then my pc sends a get http.
The receiver (google) sends an ACK back followed by 2 'tcp segment of a reassembled pdu' packets. Then I send an ACK back to google.

No I have 2 questions:
1. What does 'tcp segment of a reassembled pdu' mean?
2. How come 2 of these packets are sent before I send an ACK back to google?

thx

post a screen shot of your sniffer please

hey sose, sure no problem. here it is:

1. What does 'tcp segment of a reassembled pdu' mean?

Transmission control protocol segment of a reassembled protocol data unit.


Basically it's saying it received a part of (segment) a protocol data unit which has been dissembled and reassembled. Most likely it was dissembled because of the MTU between point A and B.


2. How come 2 of these packets are sent before I send an ACK back to google?

TCP is using a sliding window meaning that it can send out a specific limited number of "unconfirmed data units" depending on the window side (the amount of allowed unconfirmed packets).

thx for the answer nevins, but where can I see these values in my capture like window side??