Home
Topics
Network Management
Network Monitoring
How can I make better use of my protocol analyzer when analyzing TCP?

How can I make better use of my protocol analyzer when analyzing TCP?

Retired Expert - Scott Haugdahl

How can I make better use of my protocol analyzer when analyzing TCP? I want to go beyond just looking at TCP decodes.

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

When analyzing packet traces, I like to view as much as possible in the one-line summary display, drilling down into the decodes only when necessary. For example, to follow the TCP layer, most analyzers have an option to display only up to the TCP layer in the summary line.

When analyzing an application protocol using TCP such as HTTP, browsers will use two or more simultaneous TCP sessions to download web content. Trying to analyze simultaneous sessions can be confusing because consecutive HTTP packets may have nothing to do with each other unless they contain the same set of ports (and are thus part of the same TCP session). I recommend filtering packets by ports (don't forget both directions) to view the packet sizes, turn-around time, and other TCP and client/server dynamics one session at a time.

Analyzing throughput of FTP or another file transfer protocol (such as a Windows file drag-an-drop SMB session)? The maximum throughput of TCP is often limited not by bandwidth but by the round-trip delay between client and server. Maximum theoretical throughput (assuming no congestion from other traffic) = the TCP window size divided by the round-tip delay. For example 8760 bytes divided by 0.100 seconds = 87,600 bytes/seconds, or roughly 45 percent of a T1 indicating that we may wish to set a higher window size across the WAN. Similar situations can also arise even in low latency LANs, especially at Gigabit and higher speeds. Try the math. You may be surprised.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in September 2004

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Enterprise WAN
Unified Communications
Mobile Computing
Data Center
Networking Channel

Enterprise WAN
- WAN optimization, management and security: Putting the pieces together
  
  By searching for solutions that put WAN optimization, management and security together, enterprise IT can reduce company bottom lines and complexity.
- Five ways applications benefit from enterprise WAN optimization
  
  These are five ways enterprise WAN optimization technology helps overcome productivity and application issues organizations face in today's workforce.
- Optimizing WAN performance: Industry trends driving demand
  
  As the enterprise workplace is becoming more virtual and mobile, optimizing WAN performance to fit end user demands is more vital than ever.
Unified Communications
- Does WebRTC support IPv6?
  
  Will WebRTC support session enablement in IPv6 environments? This article explains how this real-time communication protocol functions in v4 and v6.
- New Sonus SBC technology: Modular scalability, branch survivability
  
  Sonus announces two new modular session border controllers and branch survivability for enterprise Lync users.
- To cloud or not to cloud your unified communications applications?
  
  When it comes to running your unified communications applications, which should live on-premises or in the cloud? Expert Dave Michels explains.
Mobile Computing
- Bringing BYOD to your enterprise
  
  Bring your own device (BYOD) can be a boon for both employees and enterprises, but clear policies and management tools are needed.
- Meeting technical requirements for mobile health care deployments
  
  IT departments deploying mobile health care solutions must ensure that using mobile devices in health care settings doesn't violate federal laws or compromise security.
- Making the call: Distributed antenna systems and in-building wireless
  
  Distributed antenna systems and in-building wireless solutions are two options to improve wireless cellular coverage within an enterprise facility.
Data Center
- Data center modernization starts with cloud, SDN and virtualization
  
  Some of the technologies driving data center modernization include cloud computing, flash storage, virtualization and software-defined networking.
- Data center technologies evolve to meet tomorrow's computing demands
  
  VMware's upcoming public cloud and AMD's 64-bit ARM servers are technologies for the data center that exemplify the changes in the IT industry.
- New data center cooling strategies to improve efficiency, lower costs
  
  Stagnant strategies for data center cooling will keep energy bills climbing ever higher, but a more modern approach can bring them back down to earth.
Networking Channel
- Aruba Networks Partner Program Checklist
  
  Value-added resellers and service providers interested in reselling Aruba networking hardware and software can learn the benefits of becoming an Aruba Networks partner with this standardized checklist. Compare Aruba's reseller partner program with other vendors' offering similar products.
- NetScout Systems Partner Program Checklist
  
  Learn the benefits of becoming a NetScout Systems reseller partner with our Partner Program Checklist.
- Visage Mobile Partner Program Checklist
  
  Learn the benefits of becoming a Visage Mobile reseller partner with our Partner Program Checklist.

All Rights Reserved,Copyright 2000 - 2013, TechTarget