Ask Your Question

Christian_R's profile - activity

2019-12-11 20:31:20 +0000 commented answer Outlook performance

That's a nice tcp graph. I agree, enabling SACK would be a huge improvement.

2019-12-05 21:46:56 +0000 commented question Does the name resolution also work in ARP decodes?

No this is a different question @bubbasnmp this here is about Ip address resolution. Which works fine for IP addresses b

2019-12-05 21:46:16 +0000 commented question Does the name resolution also work in ARP decodes?

I should be more specific, the name resolution of a profile specific host file.

2019-12-05 21:46:03 +0000 commented question Does the name resolution also work in ARP decodes?

I shuld be more specific, the name resolution of a profile specific host file.

2019-12-05 21:45:20 +0000 commented answer How to use the ethers file

I seems to be a local problem (maybe due to some security settings) . On another system ethers is working well.

2019-12-05 21:45:14 +0000 marked best answer How to use the ethers file

Hi, I have created an ethers file, like described in the wireshark docs and put it into a personal profile (e.g. testETHERS) Is there an additional step needed to the MAC addresses resolved? I have enabled the physical name resolving. I am using Wireshark 3.0.6 64Bit for Windows.

2019-12-05 21:42:50 +0000 marked best answer Can I limit the display filter to an specific occurrence

For example: An IP header inside an ICMP message. In that case we have two IP Headers in one packet.

But can I limit the display filter (e.g. ip.dst) to only one of them, like in the columns dialog?

2019-12-05 07:53:03 +0000 received badge  Popular Question (source)
2019-11-30 23:38:46 +0000 commented question Application crashes, host is sending RST back to server, captures of both

From the trace files we can spot two different RSTs. One is RST after receiving a FIN And the other one comes in the mid

2019-11-30 23:29:57 +0000 commented question Application crashes, host is sending RST back to server, captures of both

From the trace files we can spot two different RSTs. One is RST after receiving a FIN And the other one comes in the mid

2019-11-30 23:29:44 +0000 commented question Application crashes, host is sending RST back to server, captures of both

From the trace files we can spot two different RSTs. One is RST after receiving a FIN And the other one comes in the mid

2019-11-22 17:19:52 +0000 commented answer How to use the ethers file

Thx. The strange thing is that all other resolutions like host or vlans do work. I think it is something at the local sy

2019-11-21 23:35:13 +0000 commented question Does the name resolution also work in ARP decodes?

No this is a different question @bubbasnmp this here is about Ip address resolution. Which wirks fine for IP adresses bu

2019-11-21 19:33:33 +0000 commented answer How to use the ethers file

That is what I did. but obviously it does not work. Is there something other which can prevent resolving the mac addres

2019-11-21 17:38:19 +0000 commented answer How to use the ethers file

And Ihave also enabled the reasolve mac addresses in the preferences

2019-11-21 17:36:47 +0000 commented answer How to use the ethers file

Ok we start at the very beginning: where exactly have you stored the ethers. I have stored it in %appdata%roaming/wiresh

2019-11-21 14:28:51 +0000 commented answer How to use the ethers file

Ok makes sense. But I have also tried the global and personal configuration directories. But it didn’t work.

2019-11-21 13:57:55 +0000 commented question Does the name resolution also work in ARP decodes?

I shuld be more specific, the name resolution of a profile soecific host file.

2019-11-21 13:34:42 +0000 asked a question How to use the ethers file

How to use the erhers file Hi, I have created an ethers file, like described in the wireshark docs and put it into a per

2019-11-21 11:34:33 +0000 edited question Does the name resolution also work in ARP decodes?

Does the name resolution also work in ARP decodes? Does the name resolution also work in ARP decodes? In my Version 3.0.

2019-11-21 11:33:23 +0000 asked a question Does the name resolution also work in ARP decodes?

Does the name resolution also work in ARP decodes? Does the name resolution also work in ARP decodes? In my Version 3.0.

2019-11-20 20:56:10 +0000 commented question Can I limit the display filter to an specific occurrence

I think Bug 3791 describes the enhancement correct, as my problem occurs when we tunnel the traffic. So I Have voted fo

2019-11-20 08:08:20 +0000 received badge  Student (source)
2019-11-19 22:01:39 +0000 edited answer How to measure 3 L2L connections

You can do this with Wireshark in general. But as you talk about UDP traffic things are getting a little bit more compli

2019-11-19 21:57:57 +0000 asked a question Can I limit the display filter to an specific occurrence

Can I limit the display filter to an specific occurrence For example: An IP header inside an ICMP message. In that case

2019-11-19 07:04:52 +0000 commented question TCP SYN, SYN ACK followed by RST

I agree, the reason for closing is somehow application/socket related. and so far I was not sure about the reason. But

2019-11-19 07:03:53 +0000 commented question TCP SYN, SYN ACK followed by RST

I agree, the reason for closing is somehow application/socket related. and so far I was not sure about the reason. But

2019-11-11 20:50:15 +0000 received badge  Rapid Responder (source)
2019-11-11 20:50:15 +0000 answered a question How to measure 3 L2L connections

You can do this with Wireshark in general. But as you talk about UDP traffic things are getting a little bit more compli

2019-09-10 21:03:01 +0000 answered a question Unusual delay during TCP connection handshake

Yes you are right there is a delay of around 4.4 seconds in the trace. The gap is directly after the 3 way handshake. We

2019-09-02 06:04:48 +0000 commented question Slow Response - host send a ACK packet slowly than usual

I can't see from the question which ACK is more slowly than expected. But in general I would say that your trace file ho

2019-09-01 19:28:42 +0000 commented question Slow Response - host send a ACK packet slowly than usual

I can't see from the question which ACK is more slowly than expected. But in general I would say that your trace file ho

2019-09-01 19:27:59 +0000 commented question Slow Response - host send a ACK packet slowly than usual

I don´t know which ACK is more slowly than expected. But in general I would say that your trace file host2... is really

2019-08-31 21:08:04 +0000 answered a question Analyze Videotraffic from e.g Prime Video

You can analyze the stream with Wireshark and measure the throughput and goodput. But normally I would not recommend to

2019-08-31 20:42:11 +0000 commented question Slow Response - host send a ACK packet slowly than usual

Can you share us a trace... Sharing a trace FAQ

2019-08-31 20:40:30 +0000 commented question If the NIC Receive Buffer fills how does this manifest in Wireshark

There might be several reasons, for having a gap of 10-15 seconds. I suggest you provide us a trace, then we can explain

2019-08-31 20:39:43 +0000 commented question If the NIC Receive Buffer fills how does this manifest in Wireshark

There might be several reasons, for having a gap of 10-15 seconds. I suggest you provide us a trace, then we can explain

2019-08-16 21:37:16 +0000 commented answer Can client control whether server sets PSH flag on every packet?

Maybe there is a device in between (LB,FW, ...) which sets a PSH bit to every tcp packet, but this is only guessing, as

2019-08-14 20:55:16 +0000 received badge  Popular Question (source)
2019-08-12 22:41:39 +0000 edited answer Using a vlans file in profile

Please try to put the vlan file in ~/.config/wireshark/ directly. There was a bug in 3.0.2 and it could be that the bugf

2019-08-12 11:00:47 +0000 edited answer Using a vlans file in profile

Please try to put the vlan file in ~/.config/wireshark/ directly. There was a bug in 3.0.2 and it could that the bugfix

2019-08-12 10:59:54 +0000 answered a question Using a vlans file in profile

Please try to put the vlan file in ~/.config/wireshark/ directly. There was a bug in 3.0.2 and it could that the bugfix

2019-08-12 10:59:54 +0000 received badge  Rapid Responder (source)
2019-07-16 16:23:00 +0000 commented question Fritzbox 5490 capture

Or it would be helpful, if you could tell us what you want to capture. Internal-Net or External.

2019-07-02 20:38:12 +0000 commented answer Receiver sends window update instead of DUP ACK

@Syn-bit: Of course you are right. Thx. I was somehow on the wrong track...

2019-07-02 19:50:43 +0000 commented answer Receiver sends window update instead of DUP ACK

@Syn-bit: I agreee. But I just wonder about a second spot. How long would you assume does the receiver keep the Out-Of-O

2019-07-02 19:49:17 +0000 commented answer Receiver sends window update instead of DUP ACK

@Syn-bit: I agreee. But I just wonder about a second spot. How long would you assume does the receiver keep the Out-Of-O

2019-06-30 11:42:32 +0000 commented question Receiver sends window update instead of DUP ACK

Thx for the traces. Do you know the value of the Scaling factor the client and the receiver are advertising? Or even bet

2019-06-27 21:26:03 +0000 commented question Keep-Alive Packets after FIN

Well the trace for Chrome looks now different. But in your cases the server closes the connection. So from end user poin