What does a sequence of duplicate ACKs indicate in TCP traffic?

In TCP, duplicate acknowledgments occur when the receiver has received data up to a point and then gets out-of-order segments or is missing the next segment. The receiver keeps acknowledging the last in-order byte, so you see multiple ACKs for the same next expected sequence number. When the sender observes a few duplicate ACKs in a row—three is the classic threshold—it infers that the next segment was likely lost and should be resent. This is the fast retransmit mechanism, which allows recovery without waiting for the longer retransmission timer. Wireshark highlights these duplicate ACKs and can indicate a fast retransmit event, helping you spot where loss is impacting the flow. It’s not a sign of successful delivery, nor part of the TCP handshake, and it has nothing to do with DNS errors.