The most commonly used tool for debugging network programs is Wireshark. Here is how to use captured packets for TCP analysis and to evaluate the state of the network:
a. After the client connects to the server with the three-way handshake, it sends 5 bytes of HELLO data after 6 seconds and then actively sends a FIN packet to close the connection. This is normal TCP communication.
b. The client disconnects abnormally, as follows, and the server sends an RST packet in response. In most cases, the client no longer receives it. In this case, take care to release server network resources (close invalid sockets) to avoid a large number of connections in the CLOSE_WAIT state, which reduces the server's concurrency.
c. The server actively disconnects as follows:
d. Determine the quality of network transmission by capturing network packets. When the network quality is poor, as shown in the figure below, multiple retransmissions or reconnections occur (for example, Wi-Fi is suddenly disconnected). When the client reconnects, its port generally changes.
e. Wireshark supports the analysis of common network protocols. Enter the corresponding filter conditions for targeted analysis. For the filter condition rules, please refer to:
The following figure shows a capture filtered for UDP multicast packets with a specific data length:
f. On Linux systems and on Android and iOS mobile devices, you can use the tcpdump command to capture packets into a cap file and then analyze the cap file with Wireshark, for example:
tcpdump -i eth1 -c 2000 -w eth1.cap
-i eth1 captures only data from the eth1 interface (network card name)
-c 2000 is the packet count, that is, only 2000 packets are captured
-w eth1.cap saves the capture as a cap file for analysis in Ethereal (the former name of Wireshark)
For more information on using the tcpdump command, see:
However, the mobile device may restrict read and write permissions. You can create a Wi-Fi hotspot on the PC, connect the mobile device to the hotspot, and use Wireshark on the PC to analyze the mobile device's network traffic.
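A saved cap file can also be triaged in a script before opening it in Wireshark. The following added example (not part of the original article) parses the classic pcap format directly and counts SYN, FIN, RST and retransmitted data segments per flow direction, the signals described in items a, b and d; the addresses, ports and sample capture are constructed.

```python
import struct
from collections import defaultdict
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
CLIENT, SERVER = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])  # constructed addresses

def frame(src, sport, dst, dport, seq, flags, payload=b""):
    """Build one constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, flags, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def pcap(frames):
    """Wrap frames in a little-endian classic pcap file (link type 1 = Ethernet)."""
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", i, 0, len(f), len(f)) + f for i, f in enumerate(frames))

def summarize(data):
    """Count SYN/FIN/RST and retransmitted data segments per flow direction."""
    endian = "<" if data[3] == 0xA1 else ">"  # byte order the pcap magic was written in
    stats = defaultdict(lambda: {"syn": 0, "fin": 0, "rst": 0, "retrans": 0})
    seen, off = set(), 24
    while off + 16 <= len(data):
        incl = struct.unpack_from(endian + "I", data, off + 8)[0]
        pkt, off = data[off + 16: off + 16 + incl], off + 16 + incl
        if len(pkt) < 54 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # keep only Ethernet + IPv4 + TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4  # TCP header starts after the IPv4 header
        if len(pkt) < tcp + 20:
            continue  # truncated by the capture snap length
        sport, dport, seq = struct.unpack_from("!HHI", pkt, tcp)
        paylen = struct.unpack_from("!H", pkt, 16)[0] - (tcp - 14) - (pkt[tcp + 12] >> 4) * 4
        flow = (pkt[26:30], sport, pkt[30:34], dport)
        for name, bit in (("syn", SYN), ("fin", FIN), ("rst", RST)):
            stats[flow][name] += bool(pkt[tcp + 13] & bit)
        if paylen > 0:  # data seen before with the same sequence number
            stats[flow]["retrans"] += (flow, seq) in seen
            seen.add((flow, seq))
    return dict(stats)

SAMPLE = pcap([  # constructed capture: one clean session, one degraded session
    frame(CLIENT, 50000, SERVER, 8080, 100, SYN),
    frame(SERVER, 8080, CLIENT, 50000, 900, SYN | ACK),
    frame(CLIENT, 50000, SERVER, 8080, 101, ACK),
    frame(CLIENT, 50000, SERVER, 8080, 101, PSH | ACK, b"HELLO"),
    frame(CLIENT, 50000, SERVER, 8080, 106, FIN | ACK),
    frame(CLIENT, 50001, SERVER, 8080, 500, SYN),
    frame(CLIENT, 50001, SERVER, 8080, 501, PSH | ACK, b"HELLO"),
    frame(CLIENT, 50001, SERVER, 8080, 501, PSH | ACK, b"HELLO"),  # retransmission
    frame(SERVER, 8080, CLIENT, 50001, 0, RST)])
```

To run it on a real capture, pass the bytes of the file (for example eth1.cap) to `summarize`. pcapng files and link types other than Ethernet are not handled.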
Conclusion of TCP Packet Analysis
Through TCP packet analysis using Wireshark, you can see the network interaction status and network quality from the source address to the destination address. Sometimes code and an architecture that have worked well fail in a complex network environment, not because of the code itself but because limitations of the network link (routing, firewalls, etc.) cause the communication failure.