How to identify the root cause of slow response from web server

asked 2019-11-21 16:00:55 +0000

HTHSeven gravatar image

Dear all,

May I know based on the wireshark captured, how can I identify the reason behind the webserver is giving a slow response when user query the url: http://hris.encorp.com.my/?

The server is having 1-1 NAT towards the ip 202.133.107.91 which is done via Firewall.

As I checked, no network issue there.

Hence, appreciate your help what info I can extract from the wireshark as I'm kinda weak in analyzing wireshark packets, your kind explanation will truly enlighten me.

Thank you.

Wireshark capture

edit retag flag offensive close merge delete

Comments

Can you make the capture again?
The first capture has pieces from several different requests.
Would be nice to see from the beginning - DNS request for hris.encorp,com.my -> TCP handshake -> HTTP GET -> HTTP timeout -> TCP FIN.

Chuckc gravatar imageChuckc ( 2019-11-21 17:01:34 +0000 )edit

Won't you also need a capture on, or better next to, the server? The issue might be the application on the server.

grahamb gravatar imagegrahamb ( 2019-11-21 17:14:30 +0000 )edit

That would be nice. The RTT in the SYN/ACKs looks pretty good so don't think network.

Frame #18:

[iRTT: 0.018374000 seconds]
[The RTT to ACK the segment was: 0.064190000 seconds]
Chuckc gravatar imageChuckc ( 2019-11-21 17:16:57 +0000 )edit
add a comment