This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

wireshark crashing when capturing packets

0

Hi

I've posted this question earlier but it never has shown up. Apologies if there are multiples.

I was trying to understand how a particular internet speed test works so I captured all packets while running testmy.net with a manual download size of 12 MByte and then a manual UL size of 1 MByte. Then each time I try to stop the packet capture, after a few mins, wireshark goes unresponsive and I end up having to kill it with the Task Manager. This is on a laptop running Win 7. This procedure worked fine when I captured packets during dslreports.com and fast.com, but each time I try testmy.net, it hangs.

I am not using a VPN and am doing a wired ethernet test.

Any idea what I might be doing wrong? I am running ver 2.2.5.

thank you, 'mark

asked 31 Mar '17, 14:17


mahlenius


One Answer:

1

Looks like Wireshark is having trouble with the packets that are captured; sometimes it's the sheer amount, but it could also be something else.

As a better solution I recommend capturing with dumpcap on the command line directly, which removes a lot of overhead. See this blog post for how to use dumpcap:

https://blog.packet-foo.com/2013/05/the-notorious-wireshark-out-of-memory-problem/

answered 01 Apr '17, 04:15


Jasper ♦♦

1

I have to agree here. I learned it the hard way a couple times.

I always use Wireshark when I have something very specific to search / capture takes less than a minute to complete.

For everything else, I use dumpcap.

Don't be afraid to capture everything with no filters (unless you have limited space on the hard drive) and if your capture file is too large, use editcap to split it. Both are very easy to use.

(04 Apr '17, 12:15) jerioux
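
The dumpcap and editcap workflow recommended in the answer and comment above, sketched as an added example that is not part of the original posts. The install directory, output directory, interface index, file names and size limits are assumptions to adjust for your system.

```powershell
# Added example. All paths, the interface index and the limits are assumptions.
$ws  = "C:\Program Files\Wireshark"   # assumed default install directory
$out = "C:\captures"                  # hypothetical output directory
New-Item -ItemType Directory -Force -Path $out | Out-Null

# 1. List the capture interfaces and note the index of the wired adapter.
& "$ws\dumpcap.exe" -D

# 2. Capture on interface 1 (assumed index) with no capture filter.
#    -b filesize:102400  start a new file roughly every 100 MB (value is in kB)
#    -a duration:600     stop automatically after 10 minutes (or press Ctrl+C)
#    dumpcap appends a sequence number and timestamp to each file name.
& "$ws\dumpcap.exe" -i 1 -b filesize:102400 -a duration:600 -w "$out\speedtest.pcapng"

# 3. If a capture file is still too large to open comfortably, split it
#    into pieces of 100000 packets each (big.pcapng is a hypothetical file).
& "$ws\editcap.exe" -c 100000 "$out\big.pcapng" "$out\big_split.pcapng"

# 4. Check the size and packet count of the pieces before opening them in Wireshark.
Get-ChildItem "$out\*.pcapng" | ForEach-Object { & "$ws\capinfos.exe" $_.FullName }
```

Because dumpcap only writes packets to disk and does not dissect them, the capture itself is not affected by the dissection overhead that makes the GUI unresponsive; the resulting files can be opened in Wireshark one at a time.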