Wireshark - Protocol Hierarchy omitting large amount of subprotocol traffic
To summarize, the total of my subprotocol/subvariant packet percentages does not sum up to its header.
In this case: TCP = 97.1%, subvariants/subprotocols (HTTP, TLS, 'Data') = ~30%. Nothing else.
I understand Transport Layer Protocols may not need to add up incrementally, but I understand that subprotocols/subvariants within them should.
That's approximately ~70% of subprotocol behaviour that is not being viewed or captured by Wireshark? This concerns me, as I do not run any eclectic services or protocols on my device; this is a simple browsing/gaming PC.
From my understanding, if Wireshark cannot dissect particular protocols or information, it would automatically assign packets to either the 'Data' or 'Other' subvariants under a header. However, even this is not present, so what may best describe this, or how may I go about figuring out what this remaining traffic is?
A user on another forum suggested using an analysis tool like sFlow.
Is the question about the math not adding up or missing protocols?
Here is an example with a large number of TCP packets reassembled into higher protocol packets.
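An added illustration, not part of the original thread: the sketch below tallies per-packet protocol chains the way the Protocol Hierarchy window does, so the share of packets that stop at TCP (bare ACKs, handshake packets and, typically, segments of a reassembled PDU) becomes visible as a separate "end packets" figure. The sample chains are constructed in the format printed by `tshark -T fields -e frame.protocols`; the function names are hypothetical.

```python
from collections import Counter

# Constructed sample, one frame.protocols string per packet
# (not taken from the poster's capture).
SAMPLE_FRAMES = (
    ["eth:ethertype:ip:tcp"] * 14        # chain stops at TCP: no payload dissected
    + ["eth:ethertype:ip:tcp:tls"] * 3
    + ["eth:ethertype:ip:tcp:http"] * 1
    + ["eth:ethertype:ip:tcp:data"] * 1
    + ["eth:ethertype:ip:udp:dns"] * 1
)
TCP = ("eth", "ethertype", "ip", "tcp")


def hierarchy(frames):
    """Return {protocol path: (packets, end_packets)}.

    packets:     frames whose dissection chain passes through this path
    end_packets: frames whose chain stops at this path (highest layer seen)
    """
    seen, ends = Counter(), Counter()
    for chain in frames:
        layers = tuple(chain.strip().split(":"))
        for depth in range(1, len(layers) + 1):
            seen[layers[:depth]] += 1
        ends[layers] += 1
    return {path: (seen[path], ends[path]) for path in seen}


def end_share(frames, path):
    """Percent of all frames counted under `path` but under none of its children."""
    return 100.0 * hierarchy(frames)[path][1] / len(frames)


def report(frames):
    """Indented tree with percent packets and percent end packets per protocol."""
    stats, total = hierarchy(frames), len(frames)
    rows = []
    for path in sorted(stats):  # a prefix tuple sorts before its extensions
        packets, end = stats[path]
        rows.append(f"{'  ' * (len(path) - 1)}{path[-1]:<10}"
                    f"{100 * packets / total:6.1f}% packets"
                    f"{100 * end / total:6.1f}% end")
    return "\n".join(rows)


if __name__ == "__main__":
    print(report(SAMPLE_FRAMES))
```

Running the same tally over a real capture's `frame.protocols` column, or reading the "End Packets" column in the Protocol Hierarchy window, shows how much of the TCP total never reaches a higher-layer dissector.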