Is is possible to detect the result of cable noise through wireshark?

asked 2019-11-30 18:13:28 +0000

spoidah gravatar image

updated 2019-12-03 11:54:23 +0000

I'm dealing with a pretty difficult internet issue with my ISP and the Australian NBN (different company that owns the network infrastructure). A while ago I was complaining about my crumby internet service and my ISP managed to force the NBN to do some investigating, they ended up telling me that the signal noise around my place is too high, so they installed an attenuation device on my NBN NTD, naturally it was a bandaid solution and it helped a little bit, but it is still terrible. I'm wondering if I can use wireshark to look for any kind of tell-tale signs of faulty cable infrastructure (signal reflection/ leakage/ impulse noise/ common path distortion etc.) I'm not an expert with wireshark, but I learned how to check my UDP traffic while playing games and it looked like huge swaths of packets get lost into the ether.

EDIT:

I'll put up a packet capture if it helps https://gofile.io/?c=Emk4ZF. I got the capture while spamming refresh on a speedtest website, it sometimes lags out on the first try, other times I need to refresh a few times. I get the error "A socket error occurred during the download test. Please try again later.".

edit retag flag offensive close merge delete

Comments

What is the physical layer?
https://en.wikipedia.org/wiki/Nationa...
Is there any access to the NTD (CPE) to pull status or statistics?
Can you do a traceroute to a speedtest or DNS server at the ISP to get a baseline of response times?

bubbasnmp gravatar imagebubbasnmp ( 2019-11-30 18:26:05 +0000 )edit

Thanks for the reply, I'm not sure about the physical layer, I'm using a HFC connection. Unfortunately there is no access to the NTD, there's a physical lock on the wall-mounted NTD, and the NBN arris CM8200 modem isn't accessible either. The NBN doesn't like customers having access to technical details. Yeah, I've done several traceroutes and overnight ping tests, I get very little packet loss - usually less than 1% - but occasionally get 3000+ms response times.

Here's an overnight ping test to my ISP's webpage for speed testing. Ping statistics for 180.150.17.170: Packets: Sent = 84433, Received = 84199, Lost = 234 (0% loss), Approximate round trip times in milli-seconds: Minimum = 39ms, Maximum = 3680ms, Average = 45ms

spoidah gravatar imagespoidah ( 2019-11-30 19:17:44 +0000 )edit

If you're collecting the ping times you might want to graph them to look for a pattern or time of day.
traceroute data collected over time can help to determine which hop might be causing the delay.
Was able to find an overloaded router at my ISP with a traceroute to their speed server.

This is a good presentation on traceroute: https://archive.nanog.org/meetings/na...

bubbasnmp gravatar imagebubbasnmp ( 2019-11-30 19:50:16 +0000 )edit

Thats probably a good idea, I've been sticking to just 24 hour ping times because thats what my ISP wanted before.

Its just a little frustrating because by most testing metrics my internet connection seems to be acceptable. Speedtests are good, ping times/tracerouts are acceptable and have minimal loss, but I'm constantly getting hit with error messages, timeouts and delays (e.g. waiting 20+ seconds for a webpage to load).

spoidah gravatar imagespoidah ( 2019-11-30 20:40:19 +0000 )edit

The original question was about using Wireshark to diagnose this.
A packet capture while waiting for the slow webpage to load would get more eyes here.

bubbasnmp gravatar imagebubbasnmp ( 2019-12-01 01:11:55 +0000 )edit