Wireshark-users: Re: [Wireshark-users] Ethereal packet flow understanding


From: Sake Blok <sake@xxxxxxxxxx>
Date: Tue, 4 Jul 2006 21:01:23 +0200

On Tue, Jul 04, 2006 at 09:38:04AM +0000, Lee Langley wrote:
> 
> I work for the support department of an ISP and we have a customer who has 
> posted a packet capture apparently showing packet loss and retries.
> 
> I am the first to admit that I do not understand what I should be looking 
> for and how it should look, are any of you aware of a newbie guide or how-to 
> on HTTP packet flow that I can compare this to?

If it is packet-loss and retransmissions you are analysing, you 
are talking about the transport layer. For HTTP this means looking
at the TCP protocol. If you turn on the "Analyze TCP sequence numbers"
option in the TCP protocol preferences, Wireshark will do a lot of the 
analysis for you.

Still it would be a good idea to read a book about the TCP/IP 
protocol, especially since you work for a company that
makes a living with products/services based on this protocol ;)



Cheers,
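
A reduced model of the kind of sequence-number bookkeeping that preference enables, as an added example that is not part of the original message and is not Wireshark's own code. The flow tuples, sequence numbers and label names are constructed for illustration; Wireshark's real analysis distinguishes more cases (timing, out-of-order arrival, ACK tracking).

```python
MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


def seq_lt(a, b):
    """True if sequence number a comes before b, allowing for wraparound."""
    return a != b and ((b - a) % MOD) < (1 << 31)


def analyze(segments):
    """Label each segment 'ok', 'retransmission' or 'gap-before'.

    segments: list of (flow, seq, payload_len). A flow is one direction of
    one connection, here a (src, sport, dst, dport) tuple.
    """
    next_expected = {}  # flow -> highest (seq + len) seen so far
    labels = []
    for flow, seq, length in segments:
        if length == 0:  # pure ACK: carries no data, nothing to compare
            labels.append("ok")
            continue
        end = (seq + length) % MOD
        exp = next_expected.get(flow)
        if exp is None or seq == exp:
            label = "ok"
        elif seq_lt(seq, exp):
            label = "retransmission"  # data below what was already seen
        else:
            label = "gap-before"      # an earlier segment was lost or not captured
        if exp is None or seq_lt(exp, end):
            next_expected[flow] = end
        labels.append(label)
    return labels


# Constructed sample: an HTTP request and a response with one lost segment.
C2S = ("192.0.2.10", 40000, "198.51.100.5", 80)
S2C = ("198.51.100.5", 80, "192.0.2.10", 40000)
SAMPLE = [
    (C2S, 1, 300),            # request
    (S2C, 4294966000, 1000),  # response starts just below the 2^32 wrap
    (S2C, 4294967000, 1000),  # crosses the wrap, ends at sequence 704
    (S2C, 1704, 1000),        # bytes 704..1703 never seen: gap
    (S2C, 704, 1000),         # missing bytes arrive late
    (S2C, 2704, 0),           # pure ACK
    (S2C, 1704, 1000),        # same bytes sent again
]

if __name__ == "__main__":
    for seg, label in zip(SAMPLE, analyze(SAMPLE)):
        print(seg[1], seg[2], label)
```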
