Tag Archives: SpuriousRetransmission

#TCP you can learn “TCP spurious retransmission” in Wireshark

This article is related to Wireshark application, and does not involve the implementation of kernel protocol stack.

Recently, I found an expert tip “TCP spurious retransmission” that I haven’t seen (or paid attention to) before, as shown in the following figure:
in the packet capture

https://blog.packet-foo.com/2013/06/spurious-retransmissions/comment-page-1/ This is an additional prompt given by Wireshark to help users better understand the message process. The reason is that the sender resends a message segment that has received a response.

Back to this packet capture, the client initiates a connection request to the server. Because the corresponding port on the server is not open, it responds to the request with rst, and the rst responds to the initial sequence number. When the protocol stack tries to re initiate the connection again, the message will be marked as “spurious retransmission” by Wireshark.

Conclusion: pay attention to all knowledge.