Wireshark is a free network protocol analyzer that captures network packets for analysis. This incredible free software is something every network engineer should have for analyzing network problems.

A friend of mine has set up a forum for just Wireshark questions and answers at Wireshark Forum.

A Wireshark forum is just what this product needs for questions and answers. Find helpful ideas from Wireshark experts who have used this product. Having a problem troubleshooting a problem? I’m sure someone has run into the same issue and can help.

This tool is developed and maintained by the Wireshark organization. This product can be commercially used to help isolate network problems. I find it also helps to better understand what really happens on the network cable.

Wireshark helps analyze and break out many different protocols: TCP/IP, UDP, Apple, HTTP, and many more. It runs on several different operating systems; you can get a list from the Wireshark.org website.

I’ve used it as a learning tool, such as seeing what happens when I ping another IP address on my own cable and on different IP subnets, or what happens when I ping a node by its domain name, watching it go to DNS to look up a domain’s IP address. You’d be surprised at what really happens on the network. Analyzing packets is a great learning experience. Just when you think you know what you’re doing, capture some packets with Wireshark and you will be saying to yourself, “Oh, I didn’t know it worked like that,” or “I forgot that’s how the protocol worked.” Wireshark will straighten you out, and you just learned something.

You can set up capture filters to capture packets of any specific protocol. Let’s say you have a busy server with many different protocols running on it, but you want to see just the DNS traffic: you can set up a filter to capture only DNS packets. Or let’s say you want to capture packets between your server and another IP address: you can easily capture packets between your server and a client’s IP address by applying a filter for the client’s IP address.

Think you might have retransmits? They are easily found with Wireshark thanks to its color coding. It highlights different problems in different colors so they are easily spotted.
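The two capture filters described above (DNS only, and server-to-client only) and a retransmission check, written for `tshark`, the command-line tool that ships with Wireshark. This is an added example, not part of the original post; the function names are hypothetical and the IP addresses are constructed documentation values.

```shell
#!/bin/sh
# Added example: build capture filters and run tshark with them.
# Function names are hypothetical; addresses are constructed (RFC 5737).

# Accept only a dotted-quad IPv4 address, so nothing else can be
# spliced into the filter expression.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Capture filter (BPF syntax): DNS only, i.e. port 53 over UDP or TCP.
dns_filter() {
    echo "port 53"
}

# Capture filter: only traffic between the server and one client.
pair_filter() {
    is_ipv4 "$1" && is_ipv4 "$2" || { echo "bad address" >&2; return 1; }
    echo "host $1 and host $2"
}

# Capture to a file with the filter applied at capture time.
# Usage: capture <interface> <filter> <outfile>
# Capturing normally requires capture privileges on the interface.
capture() {
    tshark -i "$1" -f "$2" -w "$3"
}

# List TCP retransmissions in a saved capture. This is a display
# filter, which uses a different syntax from capture filters.
retransmits() {
    tshark -r "$1" -Y "tcp.analysis.retransmission"
}

# Typical use (interface and file names are placeholders):
#   capture eth0 "$(dns_filter)" dns.pcapng
#   capture eth0 "$(pair_filter 192.0.2.10 198.51.100.7)" pair.pcapng
#   retransmits pair.pcapng
```

A capture filter discards non-matching packets before they are saved, so anything it excludes cannot be recovered later; the display filter in `retransmits` only hides packets from view.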

There’s nothing better than walking into a meeting about slow response from a server and handing out Wireshark printouts showing TCP/IP retransmits that contribute to the slow server they are trying to troubleshoot.

