This wiki has been migrated to https://gitlab.com/wireshark/wireshark/-/wikis/home and is now deprecated. Please use that site instead.
Differences between revisions 1 and 8 (spanning 7 versions)
Revision 1 as of 2004-09-14 13:30:56
Size: 2071
Editor: UlfLamping
Comment: first content
Revision 8 as of 2005-01-21 14:30:57
Size: 2217
Editor: UlfLamping
Comment: add links to existing TCP Preferences pages
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
It provides the described TCP port multiplexing and much more. It establishes a logical connection, which is reliable against the problems of duplicated packets, loss of packets and such. It provides the described TCP port multiplexing and much more. It establishes a logical connection, which is reliable against the problems of PacketLoss, DuplicatePackets and such.
Line 16: Line 16:
 * ["IP"]: Typically, TCP uses ["IP"] as it's underlying protocol. The well known protocol id for TCP on IP is 0x06.  * ["IP"]: Typically, TCP uses ["IP"] as its underlying protocol. The assigned protocol number for TCP on IP is 6.
Line 32: Line 32:
(XXX add links to preference settings affecting how TCP is dissected).  * ["TCP Reassembly"]
 * ["TCP Checksum Verification"]
 * ["TCP Analyze Sequence Numbers"]
 * ["TCP Relative Sequence Numbers"]
Line 44: Line 47:
 Show only the traffic to and from TCP port 80 (usually ["HTTP"]): {{{
 tcp.port == 80 }}}

Transmission Control Protocol (TCP)

The TCP protocol provides stream based connection oriented transfer of data of the InternetProtocolFamily.

It provides the described TCP port multiplexing and much more. It establishes a logical connection, which is reliable against the problems of PacketLoss, DuplicatePackets and such.

Sending a few bytes will transfer them to the remote host, without giving any additional faulty or missing bytes to the receiving application.

History

XXX - add a brief description of TCP history

Protocol dependencies

  • ["IP"]: Typically, TCP uses ["IP"] as its underlying protocol. The assigned protocol number for TCP on IP is 6.

Example traffic

XXX - Add example traffic here (as plain text or Ethereal screenshot).

Ethereal

TCP dissector is fully functional.

You can select a TCP stream very fast by using the Follow TCP stream feature. First select a TCP packet in the packet list pane and then click the menu item Analyze/Follow TCP Stream

There are two statistical menu items for TCP available: Statistics/Endpoints which contains a tab showing all TCP endpoints (combination of IP address and TCP port) and Statistics/Conversations, which contains a tab showing all TCP conversations (combination of two endpoints).

Preference Settings

  • ["TCP Reassembly"]
  • ["TCP Checksum Verification"]
  • ["TCP Analyze Sequence Numbers"]
  • ["TCP Relative Sequence Numbers"]

Example capture file

XXX - Add a simple example capture file. Keep it short, it's also a good idea to gzip it to make it even smaller, as Ethereal can open gzipped files automatically.

Display Filter

A complete list of TCP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/t/tcp.html display filter reference]

  • Show only the TCP based traffic:

     tcp 

    Show only the traffic to and from TCP port 80 (usually ["HTTP"]):

     tcp.port == 80 

Capture Filter

  • Capture only the TCP based traffic:

     tcp 

Discussion

Transmission_Control_Protocol (last edited 2020-07-23 02:19:27 by ChuckCraft)