This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Latency issue. Capture included.

0

Hello. I'm hoping someone could help me. I am having latency issues with my network with 60 users. We have a call center that relies on constant connection to the Cloud, but it's being crippled because of a latency issue. Our internet provider Comcast has come out to examine the hardware and the lines to determine that there were no issues with Comcast.
I've been studying my Wireshark capture results but I am pretty new to the software and I'm having a hard time processing the data.
Any help would be appreciated. Thank you!

https://www.dropbox.com/s/ejgz2bs4mz9qw2k/MC%20Cap.pcapng?dl=0

asked 01 May '17, 15:23

rummy's gravatar image

rummy
6112
accept rate: 0%

1

Could you please be more specific regarding the problem description. What kind of connection is affected, what are the IPs involved, what does the problem look like exactly?

Your capture contains lots of protocols, and the capture PC wasn't fast enough to grab it all correctly, so it's hard enough as it is...

(01 May '17, 15:42) Jasper ♦♦
1

Can you say what specific application is experiencing a slowdown, and do you know what specific network connections it uses (ie: what IP to what IP, what protocol)?

It doesn't look like you have an overall Internet latency issue, since if you look for example at your largest TCP sessions (eg: "tcp.stream eq 12" as a display filter, to look at that Google session), the longest TCP-level response times from Google are received by the client in 242ms (as an overall high in the whole trace).

In general, there are a lot of different applications in that trace so it's hard to say what the problem is without knowing what particular application is having a problem. Is this one of the SSL sessions?

(01 May '17, 15:45) Quadratic

Good morning. Thanks for your replies. Where we're most effected is our call center. Our call center uses software called Incontact to handle in coming phone calls. We started experiencing lag in performing actions such as picking up a call, putting someone on hold, or transferring. Comcast technician came out and told us that there is something on our network that is causing latency, and I"m trying to find out if it is the incontact software that is causing it.

I was told these are the servers that Incontact uses.

DAL: 216.20.235.240/28 dalsip.incontact.com dalsec.incontact.com
LAX: 216.20.237.240/28 laxsip.incontact.com laxsec.incontact.com
MUN: 216.20.255.0/28 munsip.incontact.eu munsec.incontact.eu
FRA: 216.20.254.0/28 frasip.incontact.eu frasec.incontact.eu
HKO: 205.252.219.240/28 hkosip.incontact.com hkosec.incontact.com

216.20.240.1
216.20.242.1
216.20.230.211
205.252.219.20
216.20.255.2
216.20.254.2

Thank you.

(02 May ‘17, 06:30) rummy

If you go to Statistics > Conversations > IPv4, you can see that none of those IP addresses or ranges appear in your packet capture. The closest range to any of the above would be 216.58.212.0/24.

Do you know what application/protocol this voice service uses? Is it possible to get a packet capture of just a client, just when it is trying to use the service and failing?

To troubleshoot this, you need to have some understanding of how this application uses the network to provide the service. I went to the inContact website but they only seem to provide high-level descriptions for the networking aspect of this cloud service. Basically, you need to know how it’s supposed to work before we can say why it isn’t.

(02 May ‘17, 17:51) Quadratic