Laura Chappell

Analyze Multiple SACK Blocks

Selective ACKs reduce the number of retransmissions on the network by enabling a receiver to indicate the missing Sequence Numbers while acknowledging receipt of data after the missing Sequence Numbers.


As mentioned in my last blog, a SACK block contains a SACK Left Edge and a SACK Right Edge. The Acknowledgment Number field indicates the first missing Sequence Number.


Based on the Relative Acknowledgment Number field in the image below, this ACK indicates that we expect Relative Sequence Number 947870 next. The SACK block indicates we received Relative Sequence Numbers 949330 up to, but not including, Relative Sequence Number 958090.

1 SACK Block

What if we lose another packet before recovering from the first missing packet? In that case, you would see another SACK block appear. In the following image, we now have two SACK blocks.


We are still missing incoming Relative Sequence Number 947870 (since we see the same Relative Acknowledgment Number field value as previously).


Now, we have a new SACK block appearing before the existing SACK block.


The new SACK block indicates we have received Relative Sequence Numbers 959550 up to, but not including, 961010. The new SACK block was created because Relative Sequence Number 958090 was expected but not received. The packet with Relative Sequence Number 958090 is the second missing packet.

2 SACK Blocks

When Relative Sequence Number 947870 is received, the new Relative Acknowledgment Number field will change to 958090.


RFC 2018, TCP Selective Acknowledgment Options, allows for a maximum of four SACK blocks, with the newest block acknowledging the most recently received data bytes.
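To work through the two-block ACK described above outside of Wireshark, here is an added example (not from the original post) that parses a TCP options field and lists the missing byte ranges. The option bytes are constructed from the relative numbers in this post, the function names are hypothetical, and 32-bit sequence number wraparound is assumed not to occur.

```python
import struct

def parse_sack_blocks(options: bytes):
    """Walk raw TCP option bytes; return [(left_edge, right_edge), ...] in wire order."""
    blocks, i = [], 0
    while i < len(options):
        kind = options[i]
        if kind == 0:            # End of Option List
            break
        if kind == 1:            # NOP is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated option header")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("bad option length")
        if kind == 5:            # SACK: 2-byte header + n * 8 bytes of edges
            body = options[i + 2:i + length]
            if len(body) % 8 or not 1 <= len(body) // 8 <= 4:
                raise ValueError("malformed SACK option")
            blocks += [struct.unpack_from("!II", body, o) for o in range(0, len(body), 8)]
        i += length
    return blocks

def missing_ranges(ack, blocks):
    """Return the holes [start, end) between the ACK number and the SACKed data."""
    holes, expected = [], ack
    for left, right in sorted(blocks):
        if left > expected:
            holes.append((expected, left))
        expected = max(expected, right)
    return holes

# Constructed sample: NOP, NOP, SACK (kind 5, length 18) carrying the two blocks
# from this post, newest block first, with relative numbers used as raw values.
SAMPLE_OPTIONS = bytes([1, 1, 5, 18]) + struct.pack("!IIII", 959550, 961010, 949330, 958090)

if __name__ == "__main__":
    blocks = parse_sack_blocks(SAMPLE_OPTIONS)
    print("SACK blocks (wire order):", blocks)
    print("Missing ranges:", missing_ranges(947870, blocks))
```

The second hole starts at 958090, which is the value the Acknowledgment Number moves to once the first hole is filled.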


Are you interested in quickly determining if you have multiple SACK blocks in the same packets in your trace file? Apply a display filter for tcp.options.sack.count > 1.


Enjoy!
