Thanks Hansang.
That's what I thought at first but I couldn’t find the spot to look for it in Wireshark (I'm a newbie). Why wouldn't Wireshark be able to dissect this? Or is Wireshark just capturing what it's told to capture?
Thx.
Albert
Email: ajurado@xxxxxxxxxxxxxxxx
-----Original Message-----
From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Hansang Bae
Sent: Sunday, March 16, 2008 1:37 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Terminal Server traffic
Albert Jurado wrote:
> I've attached a small capture file. Maybe someone can take a look at it and make something of it.
>
> If you look for the following ip address (10.10.10.23) you'll should see the out of order packets.
Albert,
They are the same packets. Notice the IP ID field, you have duplicates.
Basically, you captured it twice. Chances are, you spanned the entire
vlan and you captured it as it came out of one server and entered the
other server.
--
Thanks,
Hansang
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
