0

my connection to specific server fails and I cannot determine the reason. I've looked into Wireshark for generated tcpdump file but I cannot conclude anything except that there are lot of ACK success messages. https://github.com/veljkosbbb/tcpdump/raw/main/traffic.pcap

Can someone please give me the hint what is wrong with this connection? I cannot find any useful descriptive message that could clarify this issue.

Thank you!

vel
  • 1,000
  • 1
  • 13
  • 35
  • All what can be seen from the pcap is that the client breaks the connection after a while with a RST. The information why this is done cannot be determined from the packet capture. It might have been that the client crashed or that the client did not like the data or whatever. Look at the client side (logs, debug information ...) for more information. – Steffen Ullrich Feb 19 '21 at 05:40
  • @SteffenUllrich thank you for helping. Can you tell me shortly what does RST represents? And so you defininetly think that the issue is on Client side??? I have doubts on that because if I target some other server I do not have this kind of issue - that is why I assumed it's more server side issue... – vel Feb 19 '21 at 08:13
  • See https://stackoverflow.com/a/61250257/3081018 about RST. And it is clearly sent from the client, so it is very likely a client issue. It might be implicitly caused by some bad input from the server though and the client crashing because of it. – Steffen Ullrich Feb 19 '21 at 11:05
  • FYI: This capture file is interesting in that it exposes a bug in Wireshark. Running Version 3.5.0 (v3.5.0rc0-1031-gb620a5e53514) on Windows produces many lines of console output such as, `Warn Dissector bug, protocol TCP, in packet 371: path\to\master\epan\dissectors\packet-tcp.c:3193: failed assertion "fd_head"`. I would recommend filing a [Wireshark Issue](https://gitlab.com/wireshark/wireshark/-/issues) for this bug so it can be fixed. – Christopher Maynard Feb 19 '21 at 19:52

0 Answers0