[Linux] 使用tcpdump查看上传文件过程中的tcp传输过程

  • A+
所属分类:linux技术
摘要

 以下是上传图片文件时 , tcp的传输过程三次握手的过程客户端===>服务器[S] 标志位SYN 是1  ,  mss 65495 (每个包传输的最大数据部分是65495字节)  seq序列号是87768135

 

以下是上传图片文件时 , tcp的传输过程

15:38:07.695683 IP localhost.35648 > localhost.tproxy: Flags [S], seq 87768135, win 43690, options [mss 65495,sackOK,TS val 130193903 ecr 0,nop,wscale 7], length 0 15:38:07.695692 IP localhost.tproxy > localhost.35648: Flags [S.], seq 872635961, ack 87768136, win 43690, options [mss 65495,sackOK,TS val 130193903 ecr 130193903,nop,wscale 7], length 0 15:38:07.695699 IP localhost.35648 > localhost.tproxy: Flags [.], ack 1, win 342, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.695949 IP localhost.35648 > localhost.tproxy: Flags [.], seq 1:21846, ack 1, win 342, options [nop,nop,TS val 130193903 ecr 130193903], length 21845 15:38:07.695953 IP localhost.tproxy > localhost.35648: Flags [.], ack 21846, win 1365, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.696828 IP localhost.35648 > localhost.tproxy: Flags [.], seq 21846:87329, ack 1, win 342, options [nop,nop,TS val 130193903 ecr 130193903], length 65483 15:38:07.696833 IP localhost.tproxy > localhost.35648: Flags [.], ack 87329, win 2388, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.697173 IP localhost.35648 > localhost.tproxy: Flags [.], seq 87329:152812, ack 1, win 342, options [nop,nop,TS val 130193903 ecr 130193903], length 65483 15:38:07.697177 IP localhost.tproxy > localhost.35648: Flags [.], ack 152812, win 3411, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.697499 IP localhost.35648 > localhost.tproxy: Flags [P.], seq 152812:154298, ack 1, win 342, options [nop,nop,TS val 130193903 ecr 130193903], length 1486 15:38:07.697503 IP localhost.tproxy > localhost.35648: Flags [.], ack 154298, win 3625, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.698058 IP localhost.35648 > localhost.tproxy: Flags [F.], seq 154298, ack 243, win 350, options [nop,nop,TS val 130193903 ecr 130193903], length 0 15:38:07.698122 IP localhost.tproxy > localhost.35648: Flags [F.], seq 243, ack 154299, win 3625, options [nop,nop,TS val 130193903 ecr 130193903], length 0

三次握手的过程

客户端===>服务器[S] 标志位SYN 是1  ,  mss 65495 (每个包传输的最大数据部分是65495字节)  seq序列号是87768135

服务器===>客户端[S.]  标志位SYN是1 , 标志位ACK是1 , seq 序列号是872635961  , ack确认是 87768136  (上面seq+1)

客户端===>服务器[.] 标志位ACK是1 

 

开始上传文件:

客户端===>服务器  seq 1:21846

服务器===>客户端  ack确认收到 21846

客户端===>服务器 seq 21846:87329

服务器===>客户端  ack确认收到 87329

客户端===>服务器 seq 87329:152812

服务器===>客户端  ack确认收到 152812

客户端===>服务器 seq 152812:154298

服务器===>客户端  ack确认收到 154298

结束

这里可以看到保证TCP连接的可靠性的几种方式

1.数据包校验,发送方计算校验和,接收方结算校验和,进行对比
2.应答机制,seq序列号与ack确认号
3.超时重传机制,发送后启动定时器,进行重传
4.连接管理,三次和四次
5.对失序数据包重排序
6.流量控制和拥塞控制,使用滑动窗口协商大小