How can I use wireshark to identify slow network proformance for only internet traffic? Also where is the internet traffic being delayed at. All LAN and WAN traffic for the most part is fast, however when it comes to internet traffic it becomes very very slow. I have installed wireshark on a server and capturing packets filtered with HTTP port 80 traffic. What would be the tell tell sign in the capture packets for internet traffice slowness. asked 05 Aug '11, 13:20  helpomatic |
3 Answers:
In your case you might want to look for requests that take a long time to answer. If you're talking about web traffic you might want to filter for GET and POST requests, or simply any request at all. You can do that by filtering on To see how long it takes the webserver to start sending the content you could filter on the HTTP response code, for example Combined, you could do answered 05 Aug '11, 17:32  Jasper ♦♦ |
Never was able to use the http.request.method or the http.response.code to solve the slow network for internet traffic only. Worked with Verizon and was able to determine that the default route was wrong. After correcting the default route internet is now working fine. A simple traceroute identified the problem. Thank you for your help. answered 08 Aug '11, 12:31 helpomatic |
I'm also just opening Wireshark and it's intimidating. I've been working with ISP and we've got a bunch of unidentified traffic uploading and downloading via the Internet. I would like to pinpoint which users (addresses) are creating the traffic, but don't know how to set it up. answered 05 Sep '13, 13:36  caruncles |
Jasper, First I would like to thank you for taking your time to write a response. I must say I am an new to using wireshark, however I was able to use those filters you have requested. They work fine, but for me I am at a lost for words at the time difference. I have saved the capture file, so I can understand when I can interpret what it is telling me.