TCP/IP Traces ??? ?? ??????? ????

???? ?????? ???? ??????
???? ID: 169292 - ?? ???????? ?? ?????? ??? ?? ?? ???? ???? ???? ??.
??? ?? ??????? ???? | ??? ?? ??????? ????

?? ????? ??

??????

?? ???? covers ??? ??? ????????? ?? ????????? TCP/IP traces ???? ?? ??? ?????? ???

???? ???????

TCP ????

??, ACK-(Acknowledge) ?????? ????? ????? ?? ACK ?? ?? ?????? ??????? ?????? ?? Len, ?? TCP ??? ?? ???? ?? ?????? ?? ????? ???

SYN ?? FIN ?? ??? ??? 1 ???? ???? flags. ACK thought ?? ?? ?? ?? ???? ??? ?? ??? ??? ??????? ???? ?? ??? ???? octet ?????? ??????? ?????? expects.

S, SYN - ?????????? ????? ??? ?? ???? ????? ?? ????? ?? ????????? ??????? ?????? ?? ??????? ???? ?? ???? ??????? ???????? ????? ????

?????? ?? ????? ?? ??? ?? ???? ???? ???? ?? ?? ?? ?? ??? ???? ?? graceful ???? ?? ????? F, FIN - ?????? ?? ????? ???? ???? ???

R, RST - ????? ?? (???????? ???? disconnection) ????? ?????? ??? ?? instantaneous abort.

P, PSH - ?????? forces ???? ????? ?? ???? ???? ?? ??? ?????? ?? ??? ????????? ?? ??? ??? ?? ?????? ??????? ?? ??? ????? ???? ???? ??? ???? ??????? ???? ?? ???????????? ??? ?? ????????? ?? ??? ?? ?? ??????

U, URG - ??????-???? ???? ?? ???? ???? ???
Example of 3 Way Hand Shake
--------------------------------------------------------------
Time     Dst IP          Src IP        Protocol    Description
20.862   157.57.24.193   157.57.11.169   TCP       ....S., len:    4, seq:
346564214, ack:         0, win: 8192,

20.866   157.57.11.169   157.57.24.193   TCP       .A..S., len:    4, seq:
339000739, ack: 346564215, win: 8760,

20.866   157.57.24.193   157.57.11.169   TCP       .A...., len:    0, seq:
346564215, ack: 339000740, win: 8760,


Example of Graceful Close (Modified 3 Way Hand Shake)

Time    Dst IP          Src IP        Protocol    Description
39.295  157.57.11.169   157.57.24.193   TCP       .A...F, len:    0, seq:
339000917, ack: 346564257, win: 8718,

39.295  157.57.24.193   157.57.11.169   TCP       .A...., len:    0, seq:
346564257, ack: 339000918, win: 8583,

39.298  157.57.24.193   157.57.11.169   TCP       .A...F, len:    0, seq:
346564257, ack: 339000918, win: 8583,

39.300  157.57.11.169   157.57.24.193   TCP       .A...., len:    0, seq:
339000918, ack: 346564258, win: 8718,
				

??????? ?? traces, ??? ????? ???????? ????????? (TCP) ??, ???? ??? ????????? ????? ????? ?? ?????? ?????? ?? ??????? ???? ??????? ??? ?? ????? ??? ??? ?????? ???? ????????? (NBT SMB, ??????, FTP, ???) ??, ?? ???? ???? TCP ???? ?? ??? ????? ??? ????? ?? ??? acks ?? ??????? ???????

Re-transmission ???????

(?? "TCP/IP ????????????? ?????")

TCP ???? re-transmission ????? ??????? ???? ?? ?? ???????? ???????? ??? ?? handed IP ?? ???? ??? ??? acknowledgment ??????? ??? ???? ?? ???? ??? ?? ??? ??? ???? ????? ?? ??????? ?????? ???? ??, ?? ??? ?? retransmitted, TcpMaxDataRetransmissions ??? ?? ??? ????? ?? ???????? ?? ??? ??????? ??? ??? 5 ???

3 ????? ?? ?? TCP ??????? ??????? ???? ?? ??? re-transmission ????? ??????? ??; ??????? ??? ?? ???????? "??"????? RFC793 ??? ???? ?????? Smoothed ??? ????? ??? (SRTT) ?????? ?? ????? ??????? ?? ????????? ?? ??? ???? ?? ???? ????? ?? ??? ?? ??? ?? ??? ???????? re-transmission ?? ?? ??? ?? ??? doubled ?? ??? ?? ?????????? ?? ????? ?? ??? ??, ?? TCP tunes ????? ?? ?? ??????? "???????" ????? ?? ???? ????-????? ???? ?? TCP ??????? ??? ????? ?? ?? ?? ??-????? ???? ???? ?? ??? ???? ?? ??????

????? ????? re-transmission ?????????? ?? ?? ??????? ?????? ?? ?? ???? ????? ?? ?????? ???? ?? ??? ?????? ??? ??? FTP ????? ?????????? ?? ?????? ?? ??, ?? ???????????? ????? ??????? ?? ?????????? ?? ???? ???? ?? ??????? ?? ??? SRTT ???? ???? ??, ??????? ???? re-transmission ???? ??? ???? one-half ?? ??? ???????? ????? ?? ??? ?? ?? ???? ??? ?? re-transmissions doubled ?? ???? ??? ??? ??????? re-transmission ?? ??? ????? doubled ?? ??? ??? ?? ????, ?? ??? ?? ??? ???? ?????? ???? ?? ???? ??? acknowledgment ??????? ?? ??, ?? ?????????? ?? ?????? ?????
delta source ip    dest ip      pro flags   description
--------------------------------------------------------------
0.000 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760

0.521 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760

1.001 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760

2.003 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760

4.007 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760

8.130 10.57.10.32  10.57.9.138  TCP .A...., len: 1460, seq: 8043781, ack:
8153124, win: 8760
				

???????? ?? ??? ??????????? "X's" exhausted ???, ?? ???? ??? ???? ??? ??? "?????" ??? ???? ??? ??? ???????? "Y" ??? ?? ???, "X" ???????? ??????? ?? ????? ?? ?? ???? ???

Windows ?????????

Handshake ?? ????? ????? ????? ?? ???? ??? ???? ??? ?? ?? ??? ????? ????? ????? ?? ????? ??? ????? ?? ???? ?? ???? ?? ?? ???? ?????? ?? ?????? ?? ??? ???? ??? ?? ???? ???? ack. ?????? ??????? ?? ???? ?? "?????" ?? ???? ??? ?????? ???????? ???? ?? ??? ?? ????? ???????? ?????? ???

??? receive ????? ?? ??? 8760 ??, ?????? ?? ???? ?? ????? 8760 ?????? ?? ack. ??????? ???? ?? ???? ???????????? ?? ???????? ?????, ???????? ????? ?? IP ????? ?? ??? ?? ???? ?? ??????? 8760 ack ???? (????? Ack ????? ?? Retransmit ????? ?????) Windows NT ????? ack ???????? ?????? ??? ????? ?????? ???????? ?? ???, ?? ?? ??? ???? ??? Windows NT ack 2 ?? ???? ?????? ??? ??? ??? ??? ??, ?? ???? ?? ?? ????? ???? ?? ??? ????????? ??, ????? ack ????? ??? ?? ?? ???? ???

????? 51 ??? ??????? ?????? ??? 349349990 ??? ????? 57 ??? ack, 349358750 ??? ?? ?????? 51 ?? 56 (6 ???????? 1460 = 8760 x) ?? ?????? ?? 51 ?????? ??? ??????? ??? ???? ?? ?????? ?? ??????? ?????? ??? ??? ??, ack 349358750 ??????? ?????? ?? ??????? ???? ?? ??? ????? expects ???? ????? ?? ???
Frame   Time    Src Other Addr  Dst Other Addr  Protocol  Description
---------------------------------------------------------------------
50      3.923   157.57.11.169   157.57.24.193   TCP       .A...., len:
0, seq: 356870796, ack: 349349990, win: 8760,

51      3.924   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460
+ TCP: .A...., len: 1460, seq: 349349990, ack: 356870796, win: 8760, src:
20  dst: 1636

52      3.940   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460

53      3.941   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460

54      3.943   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460

55      3.944   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460

56      3.946   157.57.24.193   157.57.11.169   FTP       Data Transfer To
Client, Port = 1636, size 1460

57      3.947   157.57.11.169   157.57.24.193   TCP       .A...., len:
0, seq: 356870796, ack: 349358750, win: 4096,
				

????? ?? ???? ?? ?????? ???????? ?? ??? ????? ???? ???? ??? ??? ??? ???? ????? ?? ???? ?? ???? ?????? ???? ???, ?? 0 ??? ?? ????? ?? ???? ??? ????? advertising ??, ?? ??? ???? ??????? ?? ???? ???? ??? ????? ??? 50 ???, ????? advertising 8760 ?? ????? ?? ???? ?? ?? ????? ?? 57 ?????? ??? ?? ?? ??? ?? 4096 ???? ?? ????

?????, ??????? ?? Endpoints

????? ??????? ????????? ultimate ?????? ???????? ?? ???? ??? ??????? ?? endpoints ?? ?? ???? ?????? ?????? ???? ??? ????? ?????, (?????, ?????) ??? Ex. (199.199.40, 21)

????? ???????

????? ?????? ??? ????????? ??? ??????? ??: Well-Known ?????, ??????? ????? ?? ?? / ???????? ?? ???? ?????? Well-Known ????? ??? ?? 0 ?? 1023.The ?? ??????? ????? ??? ?? 49151 ?? ?????? ?? 1024 ??? ???????? ??/?? ???? ????? 65535 ?? 49152 ?? ?? ????

Well-Known ????? ?????? ??????? ????? ???? ??? ???? ??????? (IANA) ????? ??? ?? ??? ?? ???? ????? ???? ???? ????? ?????? ????????? ?? ?????? ?? priviledged ???????????? ?????? ????????? ????????? ??? 80/TCP ?? 80/UDP ????? ?? ?? ?????? ?? ?? ?????? ??? ?? ????? priviledged ??? ?? ?????? HTTP ????????? ?? ????? ???? ?? ??? ??????? ???

??????? ????? IANA ?????? ???????? ?? ?? ??????? ???????? ?? ????? ???? ?? ???? ??????? ?????????? ??????????? ?? ????????? ??????? ?????????? ?????? ????????? ??? 1723/TCP ?? 1723/UDP ????? ?? ?? ?????? ?? ?? ?????? ??? ?????? ?? ??? ?????????? ??????? ??????? ???????? ????? ?? ??? ??? ?? ??? ????? ?? ????? Tunnelling ????????? (PPTP) ??? ???? ????????? ?????? ?? ????? ?? ????? ???? ?? ?????

???????? ?? ???? ????? ?? ???? ????????? ?? ?????????? ?????? ????? ???? ?? ????? ?? ??????????? ????

IANA ??? ?? ???? ??? ???? ?? ????? ?? ???? ???? ???? ??:
HTTP://www.iana.org/assignments/port-numbers
?????? ?????? ???? ??? ???? ?????? ???? ?? ??? Microsoft ???? ?????-???? ?????? ??????? ?????? ????? ??.. ?? ?????? ??????? ???? ???? ????? ????? ?? ??? ???? ??.. Microsoft ?? ?????-???? ?????? ??????? ?? ??? ???? ?? ??? ?????? ???? ????..

??? ????? ?? ??? ?????

????? ?? ?????? IP ??? ?? ????? ???? ?? ????? ???? ??? ?? ???? ?? ???? ????? ??? ???? ??? ?????, ??????? ?????? ?? ??? ??? acks ?? ????? ???? ack ??? ???? ??? ??? ???? ?? ??? ???? ?? ?? ????? ?? ??? ??? calculator ?? ????? ????? NetMon ?? ?? ??????? ?? ??? ?? ?????? ?? ???? ????? ?? ?????? ??????? ???????????? ??????????? ?? ?????? ??? ????, ?? ??? ??????? ??????????? ?? ?????? ???????, 5 ??? ?? ?????? ???? ACKing ?????? ???? ??? ????? ?? ??? ??? ????? ??????? ??????? ?? ?????? ?? ??? ?? ??? ?? ??? ?? ????? ????? ?????? ??? ????? ?? TCP ??? ?? time-outs ?? ???? ??? ????????? ?? ??? outs ???? ?? ???? ??? ????? TCP ??? ?? originating ????? ?? ????? ?? ??? ???? ???? ?????? ?? ???? ??? ????????? ?? originating ????? ?? ???? ????????? ???? ?? ??? ???? ???? ?? ???? ???

?????? ?? ???, ???? ????? ????? ????? (SMB) ??? 45 ????? ??? ??? ????? ?? ???? ?? ?? ???? ???? ?? ?? ????? ??? ?? ????? ???? ????? ??????? TCP ??? ?? ???? ????? ?????? ?? ?? ?? ??? ?? ??? ???? ???? ????? ?? ???? ??? ???? ?? ?? ???? ?? ????????? ???? ?? ??? ???? ?????? ?????? ??????? ?? ????? ???? ?? ???????? ?? ???? ???

????? ?? ??? TCP sequencing ?? higher-level ????????? ????? ???, ??????? ?????? ??????? ???? ?? ????? ????? ?? ???? ????:
  1. ?????? ???? ????? ????, ?? ???? ??? ???????? ?????? ???? ??? ???? ??????
  2. Click Display, and then choose Options.
  3. Select Auto (Based on protocols in display filter), and then click OK.
  4. Click Display, and then choose Filter.
  5. Double-click Protocol=Any.
  6. Click the Protocol tab, and then click Disable All.
  7. In the Disabled Protocols list box, choose TCP.
  8. Click Enabled, then click OK.
  9. ??? ????? ?????

??????

TCP/IP Illustrated Volume 1; W. Richard Stevens
TCP/IP Illustrated Volume 2 ; Gary R. Wright and W. Richard Stevens
Internetworking with TCP/IP Volume 1; Douglas E. Comer
Internetworking with TCP/IP Volume 2; Douglas E. Comer and David L. Stevens
"TCP/IP Implementation Details"; Dave MacDonald

???

???? ID: 169292 - ????? ???????: 02 ?????? 2010 - ??????: 4.0
???? ???? ???? ??:
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT Workstation 4.0 Developer Edition
??????: 
kbinfo kbmt KB169292 KbMthi
???? ?????? ????????
??????????: ?? ???? ?? ???? ??????? ?? ????? ?? Microsoft ????-?????? ?????????? ?????? ?????? ???? ??? ??. Microsoft ???? ??? ????-???????? ?? ????-???????? ????? ?????? ?? ???? ???????? ???? ?? ???? ????? ????? ??? ?? ??? ?????? ?? ???? ???? ???? ??? ????? ??. ???????, ????-???????? ???? ????? ???? ???? ???? ???. ?????, ????????, ?????-???? ?? ??????? ?? ???????? ?? ???? ???, ???? ?? ??? ?????? ???? ???? ??? ????? ??? ?? ???? ??. Microsoft ??????? ??? ???? ?? ?????? ?? ??????????, ????????? ?? ??? ?????? ?? ???? ????? ?? ???? ???????? ?? ??? ???? ????? ?? ??? ????????? ???? ??. Microsoft ????-?????? ?????????? ?? ????? ?????? ?? ?? ??? ??.
?????????? ?? ??????? ????????? ??????? ??:169292

??????????? ???

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com