Wireshark mailing list archives
Identifying packets beyond proxies
From: Julio Talaverano <delaflota () yahoo com>
Date: Thu, 2 Apr 2015 14:22:41 +0000 (UTC)
Hi, I have to investigate on slow speed in the pick hours when our users surf the internet.The first problem is that we use three proxies throughout our network (A, B and C) until the last one(C) connects to the web server through the last firewall.The second problem is, we use the BitBox Enterprise solution which means that any connections connect over a vpn to he BitBox gateway and then the traffic continues through the other proxies in clear which means I can't follow a connection from the initiating client. My approach is to capture the traffic on all intermediate stations in order to find out the RTTs of several http packets when they enter the proxy A (Ironport) and when the same packet leaves the internet firewall.If this time is too long then I try to find the bottleneck inside our network. So I tried a few tests accessing some unusual pages just to be sure that they are not in any of the caches and no one else is accessing them while I'm testing. My question is now how I can reliably identify a packet along the whole path(at any intermediate capturing device)?Are the rel. SEQ# in Wireshark reliable enough? or at least a series of identical SEQs? Or is there a better way to do that? ThanksJulio
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Identifying packets beyond proxies Julio Talaverano (Apr 02)
- Re: Identifying packets beyond proxies masonke (Apr 02)
- Re: Identifying packets beyond proxies Ed Hoeffner (Apr 02)
- Re: Identifying packets beyond proxies Julio Talaverano (Apr 02)
- Re: Identifying packets beyond proxies Ed Hoeffner (Apr 02)
- Re: Identifying packets beyond proxies masonke (Apr 02)