Troubleshooting SMB Connection Issue Using Wireshark (by Tony Fortunato)
Momma's Boy (by Paul W. Smith)

TCP Checksum Error Case Study (by Paul Offord)

When I see TCP Retransmissions and Dup ACKs in a trace I naturally think about packet loss, but that's not the only cause.  The TCP Checksum mechanism is used to check the integrity of the TCP payload (or segment) and, although it's rare to see genuine checksum errors in a trace, it's another cause of retransmissions.

  Network topology

For Wireshark users there's good and bad news.  The good news is that Wireshark can check each packet for TCP Checksum errors.  The bad news is that they are not always genuine errors.  So how can we tell the difference?

In this video ...

 ... we look at the practical effects of genuine and false TCP Checksum errors.

 

 

[MP4 version here in case YouTube is blocked]

I use the Workbench Matcher function in this video to compare two traces.  The Workbench Workflow Library now includes a workflow that gives comprehensive guidance to Matcher, including videos showing the steps involved.  You can still get a free copy of Workbench from the Downloads section of the TribeLab Community website - https://community.tribelab.com

Best regards...Paul

 

Picture of Paul OffordAuthor Profile - Paul Offord has had a 39-year career in the IT industry that includes roles in hardware engineering, software engineering and network management. Prior to founding Advance7, he worked for IBM, National Semiconductor and Hitachi Data Systems.

Paul is currently leading the TribeLab project to explore new ways to help IT support people troubleshoot performance and stability problems.

Comments