![]() FYI, if you use 802.11 there is the 802.11 Retry Filter wlan.fc.retry, which should get you much closer to capturing retransmissions (but that doesn't have to be from CSMA/CD in the wireless world). One thing I have not yet tried, but should have, is updating the firmware of all the switches. The Retransmissions Filter: has to do with TCP retransmissions, not wired ethernet retransmissions. ![]() They occur reasonably often late at night when most computers are turned off and traffic should be lowest.ĭo you have any ideas that might help diagnose the cause of problems like this? Identifying TCP Retransmissions in Wireshark The first step is to identify the retransmissions within the packet list with this filter: Once we have this filter applied, we can begin to see how many retransmissions we’re seeing in the trace. They seem to occur slightly more during the day, but most in the evening, when traffic should be decreasing. The spikes in retransmissions and phone resets do not correlate well with when the network is heavily loaded. There are usually some coincident retransmissions in passing TCP traffic, for example between client machines and the file servers. Often retransmissions at the same time are to phones connected to the same switch, but sometimes retransmissions occur together to phones at opposite ends of the network. http.request or 1 or tcp.flags eq 0x002 or dns or ftp. ![]() ![]() Those in each cluster are mainly between the PBX and some set of the VoIP phones, but not always the same set. Using- Wireshark -diplay-filters- FTP - malware. The Wireshark log shows about 2 clusters of retransmissions a day ranging from 5 packets to hundreds. Wireshark picks up a clump of retransmitted TCP packets at the times when we record phone restarts. I have been doing some Wireshark monitoring on the connection between the VoIP PBX and the rest of the network. ![]() Simultaneously there are often signs of temporary loss of connection on computers: freezes in explorer while accessing network shares, errors in our administration software due to loss of connection to the database server. Since their installation around a year ago, every week or so, we notice a VoIP phone resetting itself - occasionally in the middle of a call. I have an irritating problem with a LAN of about 100 computers, 2 Windows domain servers, and 12 VoIP phones. ![]()
0 Comments
Leave a Reply. |