Is is possible to detect the result of cable noise through wireshark?
I'm dealing with a pretty difficult internet issue with my ISP and the Australian NBN (different company that owns the network infrastructure). A while ago I was complaining about my crumby internet service and my ISP managed to force the NBN to do some investigating, they ended up telling me that the signal noise around my place is too high, so they installed an attenuation device on my NBN NTD, naturally it was a bandaid solution and it helped a little bit, but it is still terrible. I'm wondering if I can use wireshark to look for any kind of tell-tale signs of faulty cable infrastructure (signal reflection/ leakage/ impulse noise/ common path distortion etc.) I'm not an expert with wireshark, but I learned how to check my UDP traffic while playing games and it looked like huge swaths of packets get lost into the ether.
EDIT:
I'll put up a packet capture if it helps https://gofile.io/?c=Emk4ZF. I got the capture while spamming refresh on a speedtest website, it sometimes lags out on the first try, other times I need to refresh a few times. I get the error "A socket error occurred during the download test. Please try again later.".
What is the physical layer?
https://en.wikipedia.org/wiki/Nationa...
Is there any access to the NTD (CPE) to pull status or statistics?
Can you do a traceroute to a speedtest or DNS server at the ISP to get a baseline of response times?
Thanks for the reply, I'm not sure about the physical layer, I'm using a HFC connection. Unfortunately there is no access to the NTD, there's a physical lock on the wall-mounted NTD, and the NBN arris CM8200 modem isn't accessible either. The NBN doesn't like customers having access to technical details. Yeah, I've done several traceroutes and overnight ping tests, I get very little packet loss - usually less than 1% - but occasionally get 3000+ms response times.
Here's an overnight ping test to my ISP's webpage for speed testing. Ping statistics for 180.150.17.170: Packets: Sent = 84433, Received = 84199, Lost = 234 (0% loss), Approximate round trip times in milli-seconds: Minimum = 39ms, Maximum = 3680ms, Average = 45ms
If you're collecting the ping times you might want to graph them to look for a pattern or time of day.
traceroute data collected over time can help to determine which hop might be causing the delay.
Was able to find an overloaded router at my ISP with a traceroute to their speed server.
This is a good presentation on traceroute: https://archive.nanog.org/meetings/na...
Thats probably a good idea, I've been sticking to just 24 hour ping times because thats what my ISP wanted before.
Its just a little frustrating because by most testing metrics my internet connection seems to be acceptable. Speedtests are good, ping times/tracerouts are acceptable and have minimal loss, but I'm constantly getting hit with error messages, timeouts and delays (e.g. waiting 20+ seconds for a webpage to load).
The original question was about using Wireshark to diagnose this.
A packet capture while waiting for the slow webpage to load would get more eyes here.
You're right, I'll chuck a packet capture up, I ran it through trace wrangler to anonymize it, but I'm not 100% sure I did it correctly.
Basically to get this capture I used my ISP's speedtest feature and spammed refresh a little until I lagged out. The problem is that my internet connection works most of the time, but has little periods of micro-loss or something, and timing it so the micro-loss get detected is difficult - sometimes it will lag out on the first try and I get the error message "A socket error occurred during the download test. Please try again later.", other times I need to retry the test several times to lag out (I'm not sure if I was just ddos-ing the website though...). I then opened the okla speedtest website and did the same thing, eventually on the last speed test ...(more)