Configuring Wireshark to troubleshoot performance issues

Technote (FAQ)


Question

How can I configure and use Wireshark (Formerly known as Ethereal) to capture network traffic in order to troubleshoot performance problems?

Answer

Wireshark is an open source network protocol analyzer for Linux, UNIX and Microsoft Windows.
It can be used to collect data from a live network as well as analyze capture files created with a variety of other network analyzers. The data is useful when troubleshooting network issues including those affecting various Rational products.

To capture a network trace use the following steps:

  1. Download and install the latest version of Wireshark from http://www.wireshark.org/

    Note: To capture packets on Windows, the Windows Packet Capture Library (WinPcap) is required. Newer versions of Wireshark now install this library. For older versions of Wireshark or Ethereal download and install the correct version from http://www.winpcap.org/install/default.htm


  2. Setup the environment to reproduce the problem on as small a scale as possible.

    For information about Wireshark capture privilege requirements refer to the Wireshark wiki on the topic of Platform-Specific information about capture privileges.

  3. Open Wireshark and click Capture > Interfaces. This will open the Wireshark Capture Interfaces. Wait for a few seconds to see which interface is generating the most packets - this will be the interface to capture on.





  4. Press the Options button next to the interface with the most packets. If an empty dialog comes up, press OK.






  5. Enable Network Name Resolution and ensure that the Capture packets in promiscuous mode option is also selected. Keep the defaults for the rest of the settings. Press Start to begin capturing.





  6. Reproduce the problem.


  7. After reproducing the problem click the Stop Capture button on the Wireshark Toolbar.



  8. Choose "Save" or "Save as".
    Note: Do not choose "Export" as this will change the format making it difficult to open with Wireshark.




  9. Finally verify that "All packets" and the default Wireshark/tcpdump/... -libpcap (*.cap,*..pcap) "save as type" are selected. Provide a File name and choose save







Review http://wireshark.org for licensing requirements that are suitable for use in your environment as well as the latest product documentation.

Related information

Wireshark Home Page
A Japanese translation is available

Cross reference information
Segment Product Component Platform Version Edition
Software Development Rational ClearCase Utilities and Tools
Software Development Rational Team Concert General Information
Software Development Rational ClearCase Utilities and Tools

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Rational Customer Support
Diagnostic Utilities

Software version:

All Versions

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Reference #:

1129543

Modified date:

2010-03-29

Translate my page

Machine Translation

Content navigation