Ask Your Question

mkelley_25's profile - activity

2020-05-12 12:02:43 +0000 received badge  Popular Question (source)
2019-08-28 13:03:51 +0000 marked best answer Considerations for running Wireshark through a core switch

I have a customer who has a remote office that is connected to their main office. The main office provides the Internet connection for that remote office. I have a call with the customer tomorrow to get more details (is the connection setup over VPN, what kind of router/switches they have, are they using NAT?, etc.), but over the next week, the customer would like me to connect a laptop with Wireshark to the core switch at the main office to attempt to capture traffic from one computer at the remote office to the Internet.

Do any of you have thoughts or recommendations on things I should take into consideration? I'm thinking I simply need to setup port spanning on the core switch port that is used as the uplink to the remote site, sending traffic to the port I've plugged my laptop into AND setup a capture filter to ONLY capture data on that port that is coming from that one computer on the remote network. Am I missing anything? Thank you.

2019-08-28 13:03:48 +0000 commented answer Considerations for running Wireshark through a core switch

Thank you for this information. I'll mark it as the answer

2019-08-28 01:51:23 +0000 asked a question Considerations for running Wireshark through a core switch

Considerations for running Wireshark through a core switch I have a customer who has a remote office that is connected t

2019-08-27 18:04:47 +0000 marked best answer Multiple DUP ACK for one packet

I am trying to troubleshoot a "slow file upload speed" issue for a customer, and I have a Wireshark capture that shows seemingly HUNDREDS of DUP ACK's for one packet. I don't have enough "karma" to upload the capture file, so let me try this: https://1drv.ms/u/s!Ai804OSraN7whOMk4...

Packet 39 seems to be getting acknowledged hundreds of times, starting at packet 40 to packet 290. Then, same thing for packet 301, getting ACK'd hundreds of times from packet 302 to 927.

I've seen DUP ACK packets before, but never this many for seemingly the same source frame. Any ideas? Thank you in advance

2019-08-27 18:04:47 +0000 received badge  Scholar (source)
2019-08-27 15:24:37 +0000 commented answer Multiple DUP ACK for one packet

Thank you so much for that info. So in short, it started with one missing segment, which has to be re-transmitted, and

2019-08-27 14:44:45 +0000 commented answer Multiple DUP ACK for one packet

Hi, thank you for answering so quickly. That capture file was filtered then exported. I uploaded the entire, unfiltere

2019-08-27 14:05:35 +0000 asked a question Multiple DUP ACK for one packet

Multiple DUP ACK for one packet I am trying to troubleshoot a "slow file upload speed" issue for a customer, and I have