Find Out How

Print Friendly Version

Working With HTTP Packets

To work with an HTTP recording, locate the recording you would like to work with by navigating to the Repository tab within SOASTA CloudTest. Click on the Message Recordings item towards the upper left hand side of the screen. All of the recordings available will display. Select the recording desired from the list of recordings. To open a recording, you may either double-click the item or right-mouse and select “Open”.

The recording should then appear as shown. The recorded messages appear as a series of icons. You may use the slider immediately beneath the icons to view messages that fall outside the current viewing window. The default viewing window displays the first 100 messages. If the recording contains more than 100 messages and you wish to view more, use the filter to adjust the number of messages in the display.

To view the network packets recorded, click on “Show Packets”, which is towards the upper right hand side of the recording window (HTTP recordings only. If  “Show Packets” does not appear your recording was most likely recorded using HTTPS recording).

This will cause the network packets recorded to display. These packets include all of the packets that made up the messages in your recording. When packets are shown, the relationship between the highlighted message and the corresponding packets is shown. The packets that correspond are highlighted in blue. Similarly, if you click on any given packet, the corresponding message will be highlighted. Some packets do not correspond to any message and thus will not cause a message to be highlighted.

To view detailed information about a packet, click on the icon for the packet. Detailed information about that packet will appear in the lower right hand portion of the recording screen. 

The detailed information displayed for a packet can be summarized as follows:

  1. Ethernet detail
  2. Internet Protocol (IP) detail
  3. Transmission Control Protocol (TCP) detail
  4. Packet content

Each packet consists of a set of headers for the various communication layers involved in the proper delivery of messages. Typically, the communication layers for HTTP consist of a network layer (Ethernet) and the TCP/IP layers. Within the protocol layers is the actual content of the packet, sometimes referred to as the “payload”.

The packet details begin with some basic information. The “Frame number” is simply the sequence number of the recorded packet in the recording. The protocol is always HTTP. The Timestamp is the time the packet was recorded.

The information available for the Ethernet protocol layer is displayed as in the following example:

The information from the Ethernet portion of the packet is summarized in the following table.

dst

The network destination address

src

The network source address

proto

The encapsulated protocol (ie the “next” layer). In this case, Internet Protocol (IP)

crc

Checksum. In this case the checksum was not provided.
 

The information from the Internet Protocol layer is displayed as in the following example:

The information from the Internet Protocol (IP) portion of the packet is summarized in the following table.

ver

The version of Internet Protocol (IP) used. In this case, version 4

hlen

The length of the IP header in 4 byte increments

tos

Flags used in IP routing

len

Total length of the IP packet. Note that the packet includes the entire TCP packet including its headers.

id

IP packet id. Aids in reassembling fragmented packets

flags

Flags that control packet fragmentation. These flags control whether or not the IP packet is allowed to be delivered in more than one fragment, and whether or not this is the last fragment (if allowed).

offset

If fragmented, the offset for the fragment

ttl

Time-to-live for the packet (in seconds)

protocol

Protocol of the encapsulated layer. In the example the encapsulated communication layer is Transmission Control Protocol (TCP)

checksum

Checksum for packet validation

saddr

Source IP address (host name lookup provided)

daddr

Destination IP address (host name lookup provided)
 

The information from the Transmission Protocol layer is displayed as in the following example:

The information from the Transmission Control Protocol (TCP) portion of the packet is summarized in the following table.

sport

Sending port number

dport

Destination port number

seq

Sequence number of the packet

ack

Sequence number of the packet to be acknowledged

hlen

Header length in 4 byte increments

res

Reserved

code

Control flags
    URG:  Urgent Pointer field significant
      ACK:  Acknowledgment field significant
      PSH:  Push Function
      RST:  Reset the connection
      SYN:  Synchronize sequence numbers
      FIN:  No more data from sender

win

The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept.

crc

Checksum for packet validation

urg

This field communicates the current value of the urgent pointer as a positive offset from the sequence number in this segment.  The urgent pointer points to the sequence number of the octet following the urgent data.  This field is only be interpreted in segments with the URG control bit set.
 

The final portion of the display is the actual data portion of the packet. This is the raw data of the HTTP message. The display in the left hand side contains the HEX values for the contents. The right hand side displays the textual version of the same content.

©2008 SOASTA, Inc