I have a project where we are trying to figure out why client/server traffic is not making it across some segments of a client network. The systems were working, but then "something" was changed on the network and now they cannot connect. We think it has to do with TTL, but need to tack it down. We had a similar problem in the past and it was solved by a third party taking a wireshark trace from one location on the network where the client could connect to the server and then at a second location where the client could not connect and comparing them. I know how to do the two traces, but am not sure where to go in wireshark (or third party tools) to compare the traces to find what is missing. Any help would be appreciated. asked 10 Aug '11, 05:18 dclark |
One Answer:
Wireshark cuts your packets to bits and gives you back the bloody ends. You'll have to know the protocols used in order to make your analysis. Although Wireshark helps you with the individual traces, comparing them is another matter. answered 10 Aug '11, 05:45 Jaap ♦ |