Talk:Packet Captures
Wanted
- Site to Site VPN without Delete in Phase 2
PCAPs
- L2TP Packet
- Active FTP
- Passive FTP
- TCP Handshake
Wireshark Notes
TCP Trace Coversation -> TCP Delta time [] = not in capture; informational data rough RTT = delta bw Syn & Syn/Ack seq no + TCP Data size = Next Seq no Tcp Trace = flat part = wait time; no data transfered In case of delay, take capture on server also & compare both. If same delay in server cap also, then server is cause of delay or if not, may be network is the issue. Syn Port no tell the destination service being used Syn has 1 Byte number = Phantom byte In TCP silence means NO. No negative ACK 1518 = Ethernet max frame size 1514 = in wireshark 4 bytes = CRC removed