Overview
The purpose of the course is to provide the participant with basic knowledge of the Wireshark protocol analyzer. The course focuses on a deep understanding of the tool as the basis for using it in network troubleshooting. It starts with packet capturing, capture and display filters, statistical features and the basics of the expert system. By the end of the course the participant will be able to perform basic troubleshooting in small to medium-sized networks. The course is based on theory, class exercises and labs.
Requirements
Basic knowledge of networking and the TCP/IP protocol stack. Participants should bring laptops with Wireshark installed (free download from www.wireshark.org).
Course Outline
- Introduction to network troubleshooting
  - What is network troubleshooting
  - Troubleshooting tools
  - Troubleshooting methodologies
- Introduction to Wireshark
  - How Wireshark Works
  - Capturing Packets
  - What are capture and display filters
  - Configuring Global Preferences
  - Navigation and Colorization Techniques
  - Using Time Values and Summaries
  - Examining Basic Trace File Statistics
  - Save, Export and Print
- Capture and Display Filters
  - Capture filters – basics and filter language
  - Display filters – basics and filter language
  - Useful filters
  - Lab exercises and case studies
- Using Time Values and Summaries
  - Use the default time column setting and precision
  - Use time between packets
  - Set a time reference and view capture times
  - Troubleshooting timing problems
  - Lab exercises and case studies
- Using Statistics Tools
  - Create I/O graphs
  - Create TCP Time-Sequence graphs
  - Analyze flow graphs
  - Evaluate service response times
  - Create Round-Trip-Time graphs
  - Analyze TCP/IP flows
  - Analyze application flows
  - Lab exercises and case studies
- The Expert System Basics
  - Normal and Abnormal Network Communications
  - Causes of Performance Problems
  - Packet Losses, Long ACK Times and Retransmissions
  - Lab and case studies
- Bandwidth Issues
  - Bandwidth measurement
  - User/flow throughput calculations
  - Application throughput calculations
  - Bandwidth and throughput problems
  - Lab exercises and case studies
- Latency Issues
  - The primary points in calculating latency
  - Plotting high latency times
  - Free latency calculators
  - Using the frame.time_delta filter
  - Lab exercises and case studies
- Packet Loss and Retransmissions
  - Packet loss and recovery – UDP and TCP
  - Previous segment lost and Out-of-Order Segments events
  - Duplicate ACKs and Fast Retransmissions
  - TCP Retransmissions
  - Zero window, window changes and other window problems
  - Lab exercises and case studies