95 posts categorized "Chris Greer" Feed

How TCP Works - Acknowledgment Numbers (by Chris Greer)

Let's learn more about TCP. 

So far, we've looked at the handshake process and how sequence numbers work. Now, let's check out how the acknowledgment process works with TCP. 

After all, this is a critical component of making TCP a connection-oriented, reliable transport protocol. Understanding how these numbers work goes a long way in troubleshooting issues in networks and applications. The better we understand these processes, the faster we can spot issues when things are broken. 

Got four minutes? Check it out! 

 

Thanks for checking it out and hopefully it helps all packet-heads out there! 

Continue reading "How TCP Works - Acknowledgment Numbers (by Chris Greer)" »


How TCP Works - Sequence Numbers (by Chris Greer)

TCP is important stuff for network engineers to know. 

Why? 

Today's problems aren't so cut-and-dry as they used to be. When a problem strikes, we can't just say "it's not the network" and go along with our day. A core understanding of TCP and how it carries and acknowledges data goes a long way in finding the root cause of performance problems today. 

One key aspect of TCP that is important to learn is the Sequence and Acknowledgement process. To put it simply, these numbers in the TCP headers indicate how much data has been sent and received. They allow each endpoint to determine if there was packet loss, what needs to be retransmitted, and help to determine how much data is in flight. 

For a six-minute crash-course on how TCP Sequence numbers work, check out this video:

 

Thanks for checking it out and hopefully it helps all packet-heads out there! 

Author Profile - Chris Greer is a Network Analyst for Packet Pioneer LLC and a Certified Wireshark Network Analyst. Chris regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. Chris also delivers training and develops technical content for several analysis vendors. Got network problems? Let's get in touch

Chris Greer Packet Pioneer Logo


How TCP Works - The Handshake (by Chris Greer)

This video uses Wireshark to show how the handshake process works in TCP. It is part of a new TCP Fundamentals series on the Packet Pioneer YouTube channel. I hope it helps the budding packet-heads out there! 

 Enjoy!

 

 

Author Profile - Chris Greer is a Network Analyst for Packet Pioneer LLC and a Certified Wireshark Network Analyst. Chris regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. Chris also delivers training and develops technical content for several analysis vendors. Got network problems? Let's get in touch

Chris Greer Packet Pioneer Logo




Sharkfest 2017 - Winning the Network Blame Game (by Chris Greer)

This session was recorded at Sharkfest 2017 on June 19th at Carnegie Mellon University. 

This session was recorded at Sharkfest 2017 – June 19th at Carnegie Mellon University in Pittsburgh. It delves into the reasons why people blame the network for performance problems, why these issues linger, and how network engineers can solve them using Wireshark.

I hope this helps you in resolving those pesky network and application issues.

Chris Greer Packet Pioneer Logo

Author Profile - Chris Greer is a Network Analyst for Packet Pioneer LLC and a Certified Wireshark Network Analyst. Chris regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. Chris also delivers training and develops technical content for several analysis vendors. Got network problems? Let's get in touch

Lessons from Sharkfest US 2017 (by Chris Greer)

Sharkfest 2017

Sharkfest turned 10!

Last month, hundreds of Wireshark users, developers, and trainers came together for the 10th annual Sharkfest conference at Carnegie Mellon University in Pittsburgh. Packet-heads from all over the globe could mix and mingle with the likes of Gerald Combs, Laura Chappell, Jasper Bongertz, and Hansang Bae, just to name a few.

For me, Sharkfest is always a highlight of the year. Where else can you ditch the trade-show marketing super-hype and just get down to the wire with the world’s best packet analysts? Network engineers should definitely put this event on their bucket lists, no matter what their experience level with Wireshark and packet analysis.

In recent years, the fine folks who host Sharkfest have approved of having the sessions recorded, making them available on demand. If you have not yet done so, stop by the Sharkfest retrospective page to check out some of the sessions – sharkfest.wireshark.org/sf17

Suggested sessions:

  1. Hansang Bae always does a great job of showing real-world scenarios of how to packet dig. In his session he goes into some case studies of rare packet-level issues that engineers face today. His session video is not yet on the page but I’m sure it soon will be.
  2. Kary Rogers from Packetbomb did a practical session on Understanding Throughput and TCP Windows. Be sure to check that one out – recording available.
  3. Betty DuBois did a very nice session for newbies entitled “Rookie to Vet in 75 minutes”. Although the session recording is not yet available, she did an awesome job on her presentation – definitely check it out!

My notes:

Continue reading "Lessons from Sharkfest US 2017 (by Chris Greer)" »


Are My Packets Lying? – Four Things To Look For In Packet Traces (by Chris Greer)

Blog-Are my Packets Lying

Packets don’t lie – well, most of the time.

Packets will tell you the truth unless they have been captured incorrectly. In those cases, packets can tell bold-faced lies.

When digging through trace files, we can come upon symptoms in the packets that may raise an eyebrow. These are events that look strange on the surface and may even divert our troubleshooting focus for a time. In fact, some of these issues have misdirected engineers for hours, if not days, causing them to chase down issues and events that simply did not exist on the wire.

Most of these examples can be avoided simply by capturing the packets from a tap rather than on the machine generating the traffic. Come on, you know you have needed a tap for a while! Just spring for one and capture correctly next time. By the way, when you do make that decision, check out our buddies at Garland Technology. They make great stuff and they are nice people too!

  1. Very large packets

Continue reading "Are My Packets Lying? – Four Things To Look For In Packet Traces (by Chris Greer)" »