During our attempt to create an STCP packet, we encountered this problem:

RFC 793 states that DATA OFFSET field must be 4 bits long. After it, comes
the RESERVED field which is 6 bits long.

Wireshark analysis of regular TCP packets from UMLs reveals that the HEADER
LENGTH field, which we assume to be the equivalent of the DATA OFFSET field,
has a field-length of 2 hex digits = 2x4bits = 8bits.

If the RFC states DATA OFFSET must be 4 bits, how come wireshark is
expecting this field to have 8 bits in it?

How can a TCP header length of 20 = value of "50" in wireshark be achieved
if our DATA OFFSET field is limited to 4 bits. With 4 bits you can only go
up to 15.


-- Imad
gini mailing list

Reply via email to