How TCP Works - Acknowledgment Numbers

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] welcome to this video on how to CP works I'm Chris career with packet pioneer and today I'm going to talk about TCP acknowledgement numbers now in a previous video we talked about these sequence numbers and how those work but specific on this video we're going to focus in on those Act numbers so I'm going to take a look at this TCP connection and just to kick us off here I'm going to come down to packet for this is the first packet it actually has data in it in this connection so here the client is sending to the server 445 bytes as we saw in the last video we can see that the starting sequence number is 1 the next expected sequence number that this client will start on is 446 now that number is good for me to know in fact in the opposite direction if I take a look at the acknowledgement coming back from the server and this is where we can see the ACK this is an acknowledgement that ACK flag is checked there's nothing in this packet this is just what we call a basic TCP acknowledgement but if I come down to the act number the client or I'm sorry the server is saying hey I received your packet or at 4:46 we agree I'm good up until that byte of data alright so after this the server it sends its data so this is actually the response from the server we can see for this first packet it's starting off at this sequence number one it's incrementing 329 bytes the next starting sequence number will be 330 it maintains that act number because it's letting the client know okay I'm good up till 446 given the data that you sent me previously now the next packet from the server this is a full size packet foreign 60 bytes is encapsulated the starting sequence number is 330 the next expected is 1790 again we see that acknowledgement number of 446 now that number hasn't changed because we haven't seen any new data coming in from the client to acknowledge that data was sent it's already been acknowledged that's why we repeat that acknowledgement number there's no new to acknowledge now the client it receives those packets now it comes down and it says to the server acknowledgement number 1790 and if we recall that was the next expected sequence number with that second packet that tells us the client received both of these packets and it is good up to that byte of data up to that that sequence number now a visual feature of Wireshark that's nice and handy to understand is when I'm looking at an acknowledgment packet I can see which packet above is being acknowledged by this acknowledgement so coming up over here into the top left we can see this little check mark or this check check icon here so this shows me that packet eight is acknowledging packet seven so I'm good up to packet seven and no need to retransmit any data from that server so this is the basic mechanism of how acknowledgment numbers work basically they take the data that was sent from the server we add that to the starting sequence number and then that now becomes our acknowledgement number now for me I have some TCP profiles in here I can switch over to my TCP advanced profile and you can see how acknowledgement numbers can be a nice thing to add to our columns especially we're doing sequence and acknowledgement number analysis but for overall this basic TCP analysis sometimes that's a little overkill for me that's why I have TCP plain where I don't see those values it really just depends on what I'm troubleshooting now in a future video what we're going to take a look at is another aspect of the acknowledgement numbers and that is TCP do PACs we're going to take a look at those and we're also going to take a look at selective acknowledgments so those are different kind of acknowledgments in TCP we'll make sure to describe those for you in a future video so this video is useful for you in understanding TCP acknowledgment numbers and we'll see you next time
Info
Channel: Chris Greer
Views: 51,844
Rating: undefined out of 5
Keywords: Wireshark, TCP/IP, Slow network, protocol analysis, TCP, Transport, Protocol, Packet, TCP Handshake, wireshark training, wireshark tutorial, packet analysis, packet capture, tcp analysis, tcp connections, tcp acknowledgement, acknowledgement numbers, wireshark tutorial 2020, transport control protocol, tcp acks, free wireshark training, free wireshark tutorial
Id: AX2D_n1yZko
Channel Id: undefined
Length: 4min 7sec (247 seconds)
Published: Mon Aug 28 2017
Related Videos
How TCP Sequence Numbers Work - TCP Deep Dive // Hands-On Case Study
Chris Greer
27K
TCP - 12 simple ideas to explain the Transmission Control Protocol
Practical Networking
38K
TCP Bytes in Flight
Mike Pennacchi
8.6K
How TCP Works - Sequence Numbers
Chris Greer
106K
Learn Wireshark in 10 minutes - Wireshark Tutorial for Beginners
Vinsloev Academy
951K
How TCP Works - Duplicate Acknowledgments
Chris Greer
39K
How TCP Works - Window Scaling and Calculated Window Size
Chris Greer
80K
How TCP RETRANSMISSIONS Work // Analyzing Packet Loss
Chris Greer
30K
MALWARE Analysis with Wireshark // TRICKBOT Infection
Chris Greer
26K
How TCP really works // Three-way handshake // TCP/IP Deep Dive
David Bombal
504K
Troubleshoot TLS Handshake Failures using Wireshark
Plaintext Packets
20K
A Developer's Guide to SAML
OktaDev
122K
Wireshark Tip 1: TCP Reassembly Setting
Laura Chappell
34K
TCP Congestion Control // Hands-On Deep Dive TCP Analysis with Wireshark
Chris Greer
27K
SF18EU - 25 Using Wireshark to Solve Real Problems for Real People (Kary Rogers)
SharkFest Wireshark Developer and User Conference
55K
TCP Fundamentals - Retransmissions, Window Size // TCP/IP Explained
Chris Greer
121K
What is TCP Fast Open and how can it speeds up your Backend Application?
Hussein Nasser
4.1K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.