Wireshark · Wireshark-users: [Wireshark-users] Analyzing health links from Wireshark captures

Wireshark-users: [Wireshark-users] Analyzing health links from Wireshark captures

Date: Wed, 20 May 2009 16:42:13 -0400

I am using wireshark as a way to evaluate the health of a network link (100 BaseT).  The link is shown below:

Data in > router/switch > encryptor > optical-elec > elect-optical >encryptor > router/switch > data out > Wireshark Mirrored port.

I Wireshark capture data at the mirrored ports and using a TCP filter look for “missing” packets and “retransmissions”.  Can this approach be used to detect a change in health of the link?  For example when seeing a sudden increase in missing packets from previous days of capture?

How will errored packets that occur in the optical side of the link manifest themselves in the Wireshark capture at the very end of the link (after the router)?

Any suggestions on a better approach?  My confusion is how the link layer will portray errors that occur a layer up in the network layer.

Any thoughts appreciated.

Follow-Ups:
- Re: [Wireshark-users] Analyzing health links from Wireshark captures
  - From: Martin Visser

Prev by Date: Re: [Wireshark-users] I/O Graph
Next by Date: Re: [Wireshark-users] Fw: Player for Stream Videoformat RTVideo ?
Previous by thread: Re: [Wireshark-users] Fw: Player for Stream Videoformat RTVideo ?
Next by thread: Re: [Wireshark-users] Analyzing health links from Wireshark captures
Index(es):
- Date
- Thread