Differences

This shows you the differences between two versions of the page.

--- network_stuff:wireshark-troubleshoot [2024/06/23 10:11] – created jotasandoku
+++ network_stuff:wireshark-troubleshoot [2024/07/02 10:47] (current) – jotasandoku
@@ Line 10: / Line 10: @@
 ==== Initial Checks ====
-  * **Packet Loss**: Look for signs of packet loss. Go to ''Statistics > Conversations > TCP'' tab and check for any retransmissions, duplicate ACKs, or triple duplicate ACKs.
+  * **Packet Loss**: Look for signs of packet loss. Go to ''Statistics > Conversations > TCP'' tab and check for any retransmissions ''tcp.analysis.retransmission'', duplicate ACKs, or triple duplicate ACKs.
   * **TCP Window Size**: Analyse the TCP window size to ensure it's not causing bottlenecks. Use ''Statistics > TCP Stream Graphs > Window Scaling'' to visualise window sizes.
   * **Fragmentation**: Check for IP fragmentation which can cause delays. Apply the filter ''ip.flags.mf == 1'' or ''ip.frag_offset > 0''.
@@ Line 19: / Line 19: @@
 ==== TLS Handshake Analysis ====
-  * **Check Handshakes**: Filter for ''tls.handshake'' to ensure handshakes are completing without excessive delays or retries. Handshake issues can indicate problems with certificate exchange or encryption setup.
+  * **Check Handshakes**: Filter for ''tls.handshake'' to ensure handshakes are completing without excessive delays or retries. Handshake issues can indicate problems with certificate exchange or encryption setup. DO this: ''tls.handshake'' + ''Statistics > I/O Graphs'' to visualize the handshake durations over time.
   * **TLS Record Analysis**: Investigate ''tls.record'' for any records showing errors or alerts.

dokucama

User Tools

Site Tools

Differences

Page Tools