Hello Wireshark community,
I hope I can ask about ethereal here? Should I refer ethereal as Wireshark when I quote it for my paper?
If you had viewed my questions from ethereal mailing list, please excuse me. I hope everyone can bear this. For people that had kindly answered and gave tips, I appreciate it very much and thank you.
My problem is like this. I run ethereal at client side when I'm downloading a file from FTP server. I notice strange thing which is I'm getting packets from both server and client that occur in the exact same timestamp. I would get a TCP Segment Lost from server then followed by Dupack from client then Retransmission from server again all happening in the same timestamp.
Please take a look at my sample capture here:
www.darikawan.com
at the bottom left corner Download Here section.
I'm using -
.ethereal V 0.10.13 and winpcap 3.1.
.OS is XP Pro SP 1 both client and server.
.Zone Alarm (free
version) on both server and client. All settings are ok.
.On server, the network card is D-Link DFE-538TX 10/100 adapter. It is connected to ADSL modem.
.On client, USB port.
I set Window Size to be 64kB at both client and server. If I modify this value, would this be considered shaping the packet to suit the slow link as suggested?
Or is the time difference too small for ethereal/winpcap to detect, like 0.0000000000000000000001567?
Thanks.
BV
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com