TCP, although decades-old, is still responsible for business critical applications today. Usually an effective delivery mechanism, it has the potential to bring applications to a crawl. With that in mind, here are 3 top tips to cut troubleshooting times with TCP:
- Use TCP-based conversations to locate network problems – From gathering evidence from handshake and retransmissions to troubleshooting between the network, client, or server, analysing TCP resets is an accessible way to pinpoint problem sources on your network. TCP resets and their source are important to check during analysis – which may be different than the source IP address of the packet. Analyse whether the resets are coming from where you think they are coming from. It may be a device in the middle is sending them instead of the end system you are targeting. Also, analyse where the reset occurs in the packet stream.
- Identify dropped packets – Identify the path between client and server before you begin to look for symptoms of packet loss. If a packet does become errored somewhere on the path, the next switch or router will drop it. Fortunately, it will be marked as an FCS error, late collision, overrun, or some other misalignment. These markers can help us to find bad cables, faulty interfaces, bad terminations, duplex problems, and other layer two issues. Problems like these can impact application performance, so it is important to regularly monitor the network for them.
- Capture enough traffic – Don’t underestimate the value of long term packet collection, especially on high volume networks. Wireshark offers this capability using the Dumpcap extension which captures packets without decoding, extending the capture power. However, for high traffic enterprise, data center, or security forensics applications, a purpose built appliance with its own analytics may be the next step.
The third annual Viavi Solutions Wireshark Week takes place 5th-9th December, 2016 and all this week readers of NCN will be offered exclusive insight to help hone their network troubleshooting skills.