TCP Tips, Tricks, and Traces

Slides:



Advertisements
Similar presentations
Personal Health Device WG
Advertisements

B5 – TCP Analysis - First Steps Jasper Bongertz, Senior Consultant Airbus Defence and Space.
Answers of Exercise 7 1. Explain what are the connection-oriented communication and the connectionless communication. Give some examples for each of the.
TCP/IP: the transport layer Skills: none IT concepts: layered protocols, transport layer functions, TCP and UDP protocols, isochronous applications This.
CPSC Tutorial: TCP 101 r The Transmission Control Protocol (TCP) is the protocol that sends your data reliably r Used for , Web, ftp, telnet,
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Computer Networks Transport Layer. Topics F Introduction  F Connection Issues F TCP.
Copyright © 2005 Department of Computer Science CPSC 641 Winter Tutorial: TCP 101 The Transmission Control Protocol (TCP) is the protocol that sends.
Error Checking continued. Network Layers in Action Each layer in the OSI Model will add header information that pertains to that specific protocol. On.
Process-to-Process Delivery:
1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 
Skills: none Concepts: local area network, router, inter network, the TCP/IP layered software “stack”, layer functions, layer protocols, dumb versus smart.
Introduction to Wireshark Making Sense of the Matrix
1 CS4550 Computer Networks II TCP/UDP Ref: Feit Chap 9 Tanenbaum Chap 6.
CS332, Ch. 26: TCP Victor Norman Calvin College 1.
Transport Layer Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.
EFFECTIVELY TEACHING WITH WIRESHARK LAURA CHAPPELL EFFECTIVELY TEACHING WITH WIRESHARK LAURA CHAPPELL CHAPPELLU.COM WIRESHARKTRAINING.COM.
ICOM 6115©Manuel Rodriguez-Martinez ICOM 6115 – Computer Networks and the WWW Manuel Rodriguez-Martinez, Ph.D. Lecture 15.
Networking Version2 10/27/2015Slide 1 Format Layered models of processes The seven layers OSI Model Network Requirements Network Topology.
TCP – Tips and Case Studies. Presenter – Chris Greer Packet Pioneer LLC Network Analyst - WCNA Training and Professional Services Network and application.
TCP and UDP Ports. 1.The TCP part of TCP/IP stands for Transmission Control Protocol, and it is a reliable transport-oriented way for information to be.
CPSC TCP Plots r Slides originally from Williamson at Calgary r Minor modifications are made.
Networking (Cont’d). Congestion Control l Is achieved by informing nodes along a route that congestion has occurred and asking them to reduce their packet.
The OSI Model. Understanding the OSI Model In early 1980s, manufacturers began to standardize networking so that networks from different manufacturers.
Chapter 3: The Data Link Layer –to achieve reliable, efficient communication between two physically connected machines. –Design issues: services interface.
Network Congestion Control HEAnet Conference 2005 (David Malone for Doug Leith)
TCP over Wireless PROF. MICHAEL TSAI 2016/6/3. TCP Congestion Control (TCP Tahoe) Only ACK correctly received packets Congestion Window Size: Maximum.
Distributed Systems 11. Transport Layer
Real World Case Studies
Wireshark Tutorial KUAS, Hao-Xiang Gu.
UDP TCP.
Solving Real-World Problems with Wireshark
Computer Communication & Networks
Tech Support Tips and Tricks: ArcGIS for Desktop
Approaches towards congestion control
TCP/IP (Original) Application Transport Internet Network Access TCP/IP
資料通訊與網路 教授: 吳照輝 助教: 鄺福全.
The Packet A(nalysis)-Team
588 Section 3 Neil Spring April 20, 1999.
Due: a start of class Oct 26
Network, Server, or App? Chris Greer
Quick UDP Internet Connections
Packet Sniffing.
Troubleshooting Service Broker
Networking CS 3470, Section 1 Sarah Diesburg
TCP Sequence Number Plots
CSE 4340/5349 Mobile Systems Engineering
Flow and Congestion Control
Overview Jaringan Komputer (2)
Process-to-Process Delivery:
The Future of Transport
IS 4506 Server Configuration (HTTP Server)
Star Early Literacy PreTest Instructions
IT351: Mobile & Wireless Computing
CS4470 Computer Networking Protocols
Wireshark(Ethereal).
TCP Protocol Analysis Access UMKC Home Page.
Networking CS 3470, Section 1 Sarah Diesburg
CSE 313 Data Communication
Networking CS 3470, Section 1 Sarah Diesburg
The Transport Layer Reliability
Transport Layer: Congestion Control
Process-to-Process Delivery: UDP, TCP
TCP flow and congestion control
Computer Networks Protocols
Office 365 Performance Management
Error Checking continued
Communication.
Intrusion Detection Systems
Presentation transcript:

TCP Tips, Tricks, and Traces Let’s chat about what makes Applications Crawl

Presenter Packet Pioneer LLC Network Analyst - WCNA Training and Professional Services Network and application performance analysis www.lovemytool.com www.packetpioneer.com

Why TCP? Important stuff uses it. Some problems “hide” at this layer. Key to isolating problem domain. Few take responsibility for it.

When a problem strikes Network engineers check network interfaces, utilization levels, link errors and the wireless environment They want to prove it’s not the network. APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

When a problem strikes Server and Application support people may check error logs and server resources to see if the issue is theirs. APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

What if the problem is in the middle. Or What if the problem is in the middle? Or.. What if you could use the transport layer to find the real root cause? APPLICATION PRESENTATION SESSION TRANSPORT NETWORK DATA LINK PHYSICAL

What should I look for in traces? Wireshark has some great error events to flag TCP problems. Use the tcp.analysis.flags filter to spot them quickly, or the intelligent slide bar.

What TCP events are flagged? TCP Retransmissions TCP Out-of-Orders Duplicate Acks Zero Windows Those are the big ones.

Example 1:TCP Retransmission.pcap

What causes retransmissions? Packet Discards FCS/CRC Errors Cable/Interface hardware errors. Those are the big ones.

Make sure you don’t over-filter When working to understand the root cause of retransmissions, make sure not to over-filter the trace. Dig until you understand it. TCPRetransFromARPS.pcap

TCP Window Problems Open Example 3_TCP Window Problem.pcap

TCP Keep Alives These may look bad – but are they? Open Example 4_Slow Web Application.pcap

TCP Delayed ACKs This is the default behaviour of many TCP Stacks. Open Example 5_Delayed ACKs.pcap

Questions? Thanks for coming! Don’t forget to review.