Hi I am new to wireshark,
I have come across the term payload content many times but I am not sure of its meaning. If I were to click on a layer and see the breakdown.
I also want to know what the size of the payload means. Does it refer to everything after the highlighted frame. So for example if I were to click on ethernet II would the size of the payload content be 14 bytes which is the size of ethernet II. Or would payload content be everything after ethernet II so 500 bytes.
It says ethernet II, Internet Protocol Version, USP , DNS. Is the payload contents the arrow on the left where I can drop down and see the subsections. For example the payload content for DNS in my case would be what the drop down arrow on the left shows in my case is the payload content
Transaction ID: 0x48b7 Flags: 0x0100 Standard query 0... .... .... .... = Response: Message is a query .000 0... .... .... = Opcode: Standard query (0) .... ..0. .... .... = Truncated: Message is not truncated .... ...1 .... .... = Recursion desired: Do query recursively .... .... .0.. .... = Z: reserved (0) .... .... ...0 .... = Non-authenticated data: Unacceptable Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries www.youtube.com: type A, class IN [Response In: 41] .
