Why would it see double?
Albert Jurado
Network Manager
First Commercial Insurance Company
2300 W 84 St.
Hialeah, FL 33016
Phone: (305) 820-4848 ex. 1206
Mobile: (305) 873-4400
Email: ajurado@xxxxxxxxxxxxxxxx
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Jaap Keuter
Sent: Monday, March 10, 2008 1:31 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Terminal Server traffic
Hi,
I may be dependant how you configured the monitoring port on the core router.
If it captures both ingress and egress packets it start to see double. The
details I leave to the network operator buffs ;) .
Thanx,
Jaap
Albert Jurado wrote:
> As of last week we started to monitor traffic from our internal Terminal
> Server to our internal SQL server using wireshark.
>
> Our network is segmented in the following way:
>
> VLAN for servers
>
> Data VLAN for each floor in the building (six in total).
>
> We installed wireshark on a separate workstation plugged into our core
> router with a monitoring port configured
>
> Our first capture revealed over 40% of the traffic as “out-of-order”
> packets. When we performed a capture from the terminal server there was
> no such traffic.
>
> I wondering if this type of behavior is normal for terminal server
> communication. I hope someone can shed some light on this matter for
> me, it would greatly appreciated.
>
> Thanks!
>
> *Albert Jurado*
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
