MyPeek
WPDN
Partners Login
Worldwide Sites
Product Support
Product Activation FAQs
Downloads
Maintenance Programs
White Papers
WildPackets Forums
Technical Compendium
Additional Resources
Tip of the Month
Wireless Tips
Plugin Tips
Product Versions
Networking Books
Networking Glossary
Networking Links
Tech Support Requests
Home > Support > Additional Resources > Tip of the Month

Tip of the Month

Network Analysis Tip of the Month – October 2005

Faster Analysis, without looking at the decodes!

Author – Saurabh Bhasin

  • Ever wanted to look at a certain value in all packets?
  • Ever wanted to compare packets based on a certain value/flag/bit?
  • Find it painful to go through decodes and look for a certain value?

Let's take the TTL field for example. A very easy and quick way to tell how many hops did the packet cross before you took the capture. Looking at the TTL in packets can give us a good idea as to where the capture was taken, next to the client or the server. Typical TTL values are 255 or 64 so if you saw a packet with a TTL set to 59, it's likely that the packet crossed 5 hops before it got to the capture location. Similarly, if you captured a packet with TTL set to 252, it's likely that the packet crossed 3 hops.

It's important to verify the TTL values to determine issues such as:

  • Routing Loops
  • Routing misconfiguration

You can turn the decode column on, and highlight the TTL field in one of the packet decodes to quickly see the TTL value for each packet, without ever looking at the decode itself. A quick "scan" through the packet list will tell you a lot about the path taken, roles played and misconfiguration, if any in inbound and outbound routes.

Screenshot

 - Click on thumbnail for larger view
Download a demo of OmniPeek
Custom Integration & Engineering
WildPackets understands that one size does not fit all. Moreover, we all face new challenges every day. WildPackets Custom Engineering performs software development and systems integration, complementing WildPackets products and enhancing the capabilities of Network Operations Centers.
Learn more...

Network Analysis & Consulting
WildPackets offers a full spectrum of professional services, available remote and on-site. Our network engineers provide expertise for your network troubleshooting, capacity planning, or baseline performance analysis needs.
Learn more...

Tip of the Month
Pump Up The Volume
If you are using WildPackets® OmniEngine or WildPackets® Omnipliance, chances are you are interested in collecting, storing, and analyzing very large volumes of packet data. The key word here is VOLUME! On highly utilized gigabit or 10 gigabit links, hundreds of thousands, or even millions, of packets can be collected in just a few seconds. Processing that many packets takes a lot of horsepower, and OmniEngine is strong enough to handle the flow in most cases. However, every computer system has its limits, so you need to know how to maximize the packet volume that OmniEngine can accommodate. Here are some best practices to consider when setting up your capture options.
COPYRIGHT © 2008 WILDPACKETS, INC   —   PRIVACY STATEMENT · CONTACT US CORPORATE  ·  PRODUCTS  ·  SOLUTIONS  ·  SERVICES  ·  SUPPORT  ·  PARTNERS  ·  BUY NOW
All registered and unregistered trademarks are the sole property of their respective owners