First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Firmware transfer fails from local webserver with TCP retransmissions

I am running a local webserver on port 3274.

I am able to open the URL in local and remote system to view the files in the directory from which the file needs to be transferred.

Once I begin transmission, for a long time the packet transmission goes smoothly.

But then I start getting multiple TCP Retransmission of length 382, TCP acked unseen segment of length 60. After this begins, in a short time the file transfer is stopped and my operation is cancelled.

Please let me know if any additional detail is required in the description.

Google Drive link: https://drive.google.com/file/d/1XXPm...

ganeshkamath89's avatar
1
ganeshkamath89
asked 2020-11-07 06:54:31 +0000
Jaap's avatar
13.7k
Jaap
updated 2020-11-07 14:38:36 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Put the capture file on a publicly accessible file share and add the link to your question.

Jaap's avatar Jaap (2020-11-07 11:13:09 +0000) edit
more
  • delete

Thank you. I have added the link to my wireshark log

ganeshkamath89's avatar ganeshkamath89 (2020-11-07 11:31:51 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

If you do follow TCP stream the first stream is a correct one. The streams after that ...... are not correct in my view.

In the first stream you get a HTTP 206 response followed by the chunk of the file. That chunk is sent with a correct TCP sequence number.

But evry check after that you get also a HTTP 206 response but the chunk starts with the Sequence number on 1 which basically ignores the packet allready sent.

So I would have serious beef with any server administrator sending me this sort of data.

hugo.vanderkooij's avatar
76
hugo.vanderkooij
answered 2020-11-07 15:20:48 +0000, updated 2020-11-07 15:25:51 +0000
edit flag offensive 0 remove flag delete link
more

Comments

I have edited the shared wireshark log. There is long chain of correct stream before the one I have shared. But because it was a repetition, I have removed it.

Can you suggest any solution on how to overcome this expecially any web-server setting? Because I can control only the web-server setting.

ganeshkamath89's avatar ganeshkamath89 (2020-11-07 16:00:32 +0000) edit
more
  • delete

It's very difficult to analyze a capture when it's been modified, especially when we aren't informed of the modifications.

Please either share the unedited capture, or use something like TraceWrangler to anonymise it, letting us know you have done so.

grahamb's avatar grahamb (2020-11-08 11:10:29 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer