This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Everyday between 230PM and 4PM Network gets slow apps get disconnected... We do not drop internet connection from site... We drop Drive mapping back to HQ up North, We Drop Outlook Exchange Connection back to HQ up North.

Users can still access web browser to external sites... We have checked that no replication is happening, we have checked server logs for DC's here and at HQ up North... There internet connection does not drop either. The VPN between the sites does not show any issues when checking the Sonicwalls at both sites... We are thinking of sniffing the networking internal at our site to see what would cause the drop or slow throughput.

Which is best to use, Wireshark, DUMPCAP, TSHARK, TCPDUMP for capturing?

asked 03 Sep '14, 14:34

ITSupportMorrisvilleNC's gravatar image

ITSupportMor...
1111
accept rate: 0%

edited 03 Sep '14, 16:19

Jasper's gravatar image

Jasper ♦♦
23.8k551284


TCPDump is fine, dumpcap is fine, too. Wireshark and tshark are both using dumpcap to do the capture for them, so it is usually best to use dumpcap directly without the overhead.

permanent link

answered 03 Sep '14, 16:20

Jasper's gravatar image

Jasper ♦♦
23.8k551284
accept rate: 18%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×146
×10
×4
×4
×2

question asked: 03 Sep '14, 14:34

question was seen: 9,618 times

last updated: 03 Sep '14, 16:20

p​o​w​e​r​e​d by O​S​Q​A