Hi,
I have been trying to track down an intermittent pause in
network activity between my Windows Home Server and HTPC .
I noticed the pause was occurring as the movies I was
watching periodically stuttered/froze before bursting back into life, like fast
forward turned on, then settling down to normal viewing speed. The occurrence
of the pauses seem to be random, but I would say it happens between 10 to 15
times over a typical movie length.
I have used wireshark to record the traffic between the two
servers during the pause period, this is as follows:
"4379","19.617874","7.168.1.16","7.168.1.253","SMB","Read
AndX Request, FID: 0x400d, 61440 bytes at offset 778371072"
"4380","19.759785","7.168.1.253","7.168.1.16","TCP","microsoft-ds
> 49178 [ACK] Seq=23546138 Ack=45235 Win=56589 Len=0"
"4381","19.791285","IntelCor_7c:06:c0","Broadcast","ARP","Who
has 7.168.1.1? Tell 7.168.1.3"
"4382","20.173328","fe80::b8fb:ec8a:5b36:bf57","ff02::1:2","DHCPv6","Solicit"
"4383","20.412176","7.168.1.252","255.255.255.255","UDP","Source
port: filenet-peior Destination port: 22330"
"4384","23.561347","7.168.1.252","255.255.255.255","UDP","Source
port: filenet-peior Destination port: 22330"
"4385","23.757630","7.168.1.253","7.168.1.16","TCP","[TCP
Keep-Alive] dbstar > 49165 [ACK] Seq=0 Ack=2 Win=64856 Len=1"
"4386","23.757785","7.168.1.16","7.168.1.253","TCP","[TCP
Keep-Alive ACK] 49165 > dbstar [ACK] Seq=2 Ack=1 Win=275 Len=0 SLE=0
SRE=1"
"4387","28.078082","fe80::b8fb:ec8a:5b36:bf57","ff02::1:2","DHCPv6","Solicit"
"4388","29.554158","7.168.1.253","7.168.1.16","TCP","[TCP
segment of a reassembled PDU]"
The Wireshark IOGraph flat lines between the two Solicit
packets.
Some other info for you to hopefully help diagnose:
1. 7.168.1.253 is the server (Two Intel CT Desktop Adapters
Teamed - Load balanced - Jumbo Frames 9014)
2. 7.168.1.16 is the HTPC (One Intel CT Desktop Adapter -
Jumbo Frames 9014)
3. 7.168.1.1 is the ADSL Router
4. 7.168.1.3 is my laptop that I have used to RDP into my
server
4. 7.168.1.252 is a wireless ycam camera and it uses the
server via FTP to store alarmed captured files.
5. I don't know what the source application of dbstar is,
but this occurs many times in the wireshark capture and doesn't cause pauses every
time it appears.
6. The only thing that seems consistent with other flat line
captures I've done is the Broadcast events, but they are usually something
like:
"17107","61.452598","IntelCor_7c:06:c0","Broadcast","ARP","Who
has 7.168.1.251? Tell 7.168.1.3"
7.168.1.251 is my printer.
Anybody have any ideas where I go from here, I am still
scratching my head?
Thanks
Stephen
