ESP - ISP - out of Sync / Lost packets

asked 2019-10-10 23:27:52 +0000

First time here, so the first question is: what is the best resource to begin reading or to reference all of the information PCAP provides? I'm specifically interested in packet fragments and determining where this is happening, as it relates to a tunnel between two sites using ESP.

Second, I have discovered an issue with transmission speed between two sites that we have. Each site has a 1 gig fiber connection, dedicated. Yes, expensive. Using IPERF I am only able to get around 100 Mbits/sec. So this took me to the wonderful world of Wireshark. I have used it some in the past, but not for this detailed type of stuff. Using WS I am seeing multiple (hundreds of) packets that are out of sync, malformed packets, and some that do not ever seem to get to the end. Both the ISP and the firewall manufacturer have provided comments. I believe that it resides with the ISP, but I'm looking for a definitive way to prove this using Wireshark. So the gist of my second question is: can this be done?

For reference, when looking at the PCAP, I continue to see two MAC addresses in the Ethernet II sections that are involved every time there is an issue.

Thanks for the comments. We have been working on this issue for over a month now with no end in sight. I hope and trust this was an appropriate place to post this type of question.

