Http request


hi guys,

I recently started to use wireshark for education purposes. The first thing I tried was to capture the traffic while opening a browser to google (http request).

I have some questions about the output.

First I see the 3 way handshake, no problem here. Then my pc sends a get http.
The receiver (google) sends an ACK back followed by 2 ‘tcp segment of a reassembled pdu’ packets. Then I send an ACK back to google.

why do I get 2 packets of the reassembled pdu before an ACK is sent? does this have something to do with the window and if so how/where can I see the logic
behind it?



It is not mandatory to send an ACK packet after each data packet received.

If you receive many data packet very quickly (during a very short time),
it is highly possible to have only 1 ACK packet sent at the end.



hi olivier,

I understand what you’re saying, but is this in any way indicated in the capture file?
I’ve been reading on window size and sliding window, so I want to be able to understand.




i think you should look at the ACK sequence number sent by your machine.