From: [EMAIL PROTECTED] [EMAIL PROTECTED] On Behalf Of Imad Gharazeddine | 
Sent: November 16, 2008 9:29 PM
To: Muthucumaru Maheswaran; gini@cs.mcgill.ca
Subject: [gini] Data Offset field contradiction

During our attempt to create an STCP packet, we encountered this problem:

RFC 793 states that DATA OFFSET field must be 4 bits long. After it, comes the 
RESERVED field which is 6 bits long.

Wireshark analysis of regular TCP packets from UMLs reveals that the HEADER 
LENGTH field, which we assume to be the equivalent of the DATA OFFSET field, 
has a field-length of 2 hex digits = 2x4bits = 8bits.

If the RFC states DATA OFFSET must be 4 bits, how come wireshark is expecting 
this field to have 8 bits in it?

How can a TCP header length of 20 = value of "50" in wireshark be achieved if 
our DATA OFFSET field is limited to 4 bits. With 4 bits you can only go up to 


-- Imad
gini mailing list

Reply via email to