TCP-based issues
The Expert Infos tab is a pretty good indicator of any problems that occur due to issues with TCP; otherwise, we can also use the display filter, tcp.analysis.flags, to narrow down any TCP issues identified by Wireshark. The following are some commonly faced TCP problems and their respective display filters:
- Previous segment not captured (
tcp.analysis.lost_segment) - Duplicate ACKs (
tcp.analysis.duplicate_ack) - TCP fast retransmissions (
tcp.analysis.fast_retransmission) - TCP retransmissions (
tcp.analysis.retransmission) - Out-of-order Segments (
tcp.analysis.out_of_order) - Zero window (
tcp.analysis.zero_window)
The important points to note are:
- Whenever packets are being lost on the network, we will note fast retransmissions and/or retransmissions ...
Get Wireshark Network Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
