This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I have a project where we are trying to figure out why client/server traffic is not making it across some segments of a client network. The systems were working, but then "something" was changed on the network and now they cannot connect. We think it has to do with TTL, but need to tack it down. We had a similar problem in the past and it was solved by a third party taking a wireshark trace from one location on the network where the client could connect to the server and then at a second location where the client could not connect and comparing them. I know how to do the two traces, but am not sure where to go in wireshark (or third party tools) to compare the traces to find what is missing. Any help would be appreciated.

asked 10 Aug '11, 05:18

dclark's gravatar image

dclark
1111
accept rate: 0%


Wireshark cuts your packets to bits and gives you back the bloody ends. You'll have to know the protocols used in order to make your analysis. Although Wireshark helps you with the individual traces, comparing them is another matter.

permanent link

answered 10 Aug '11, 05:45

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×12

question asked: 10 Aug '11, 05:18

question was seen: 1,760 times

last updated: 10 Aug '11, 05:45

p​o​w​e​r​e​d by O​S​Q​A