Reputation: 667
What indicates the end of a TCP stream?
I'm attempting to make a low-level packet reader, sort of like wireshark, for learning purposes and fun.
Going into http parsing, I quickly found that there are these TCP streams, and that data doesn't all come in one packet.
EDIT: What I consider to be the stream I've been told is not the right term. David Schwartz referred to it as a Query and EJP as a Sequence of Segments.
So I did a little reading on TCP, and I've read everywhere about the sequence and acknowledgment numbers, how they increase and wrap around etc..
Connection establishment and termination I already had knowledge of.
To be honest I've never been too good at interpretation or using google, but I've been at this for a bit, and I just can't seem to understand how the server/client ends a TCP stream.
I'm asking this because, after sending the totality of the http request, the server immediately replies with the page, so, as I've been going back and forward through packets in wireshark and I can't seem to find what delimits this stream (anything indicating length in the first packet or difference between the penultimate and last packets).
Is there no actual delimiter in TCP, and you just get the total length from the http headers's Content-Length?
As seen here, the first 3 packets are connection establishment.
The 3 after those are the sending of the http request (with first being ACK (the selected one), and the latest 2 being PSH & ACK).
The two after those are ACKs from the server, followed by the entirety of the response.
The last one is my ACK and the connection is never closed for the time I "recorded".
Thank you.
Upvotes: 1
Views: 4200
Answers (1)
Reputation: 311052
The end of a TCP stream is marked by a segment whose FIN bit is sent.
However that isn't the answer to your real question, which is about the end of an HTTP request or response, which is determined by:
- The Content-length, if present, or
- The final chunk in a chunked transfer, if used, or
- The FIN
if there is a body, otherwise the blank line after the headers as pointed out by @Barmar below.
Upvotes: 1
Related Questions
- When does a http2 TCP connection close?
- How should I mark the end of a TCP packet?
- C# - TcpClient - Detecting end of stream?
- In tcp connection termination
- How to tell when the Stream is at it's end?
- TCP Termination
- How to tell the TCP server that the particular message has ended?
- Is it possible for a server to know that a TCP stream has "finished" regardless of protocol?
- How to know when you finish receiving a TCP stream?
- Java TCP stream termination