Case study 1 – Slow Internet
One of the employees at our organization approached the network support geek (let's call him Bob) with a request to check whether there were any issues with the Internet, as he had been getting very slow responses from applications over the Internet for the past couple of days. After some investigation on his end, Bob found that this was a widespread issue and that many people had noticed it in the past two days.
Since the issue was with the Internet (as per the analysis and viewpoint of users), Bob decided to first connect the analyzer to the exit node, that is, the router connecting the network to the Internet, and to capture some traffic for analysis.
Analysis
Most of the traffic in the trace file was coming to and from a particular host, 192.168.10.132, hence Bob filtered on ip.host==192.168.10.132 and exported those packets into a different trace file for analysis.
The Conversations window indicated a large number of TCP and UDP conversations in a short span...
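An added example (not from the original case study): a small Python sketch of the two steps Bob performs above, finding the host that dominates the trace and counting its distinct TCP and UDP conversations the way the Conversations window does. The packet records, the other addresses and ports, and the function names are constructed for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed packet records: (time_s, proto, src_ip, src_port, dst_ip, dst_port)."""
    pkts = []
    # One host opening a new TCP or UDP conversation every 50 ms
    for i in range(40):
        proto = "tcp" if i % 2 == 0 else "udp"
        pkts.append((i * 0.05, proto, "192.168.10.132", 50000 + i,
                     "203.0.113.%d" % (i + 1), 40000 + i))
    # Two ordinary clients, each reusing a single conversation
    for i in range(5):
        pkts.append((i * 0.4, "tcp", "192.168.10.20", 51000, "198.51.100.7", 443))
        pkts.append((i * 0.4, "udp", "192.168.10.31", 52000, "198.51.100.53", 53))
    return pkts

def conversation_key(proto, a_ip, a_port, b_ip, b_port):
    """Direction-independent key so A->B and B->A count as one conversation."""
    return (proto,) + tuple(sorted([(a_ip, a_port), (b_ip, b_port)]))

def summarize(pkts, local_prefix="192.168.10."):
    """Per local host: share of packets, distinct TCP/UDP conversations, time span."""
    hosts = defaultdict(lambda: {"packets": 0, "convs": set(), "times": []})
    for t, proto, sip, sport, dip, dport in pkts:
        key = conversation_key(proto, sip, sport, dip, dport)
        for ip in {sip, dip}:
            if ip.startswith(local_prefix):
                hosts[ip]["packets"] += 1
                hosts[ip]["convs"].add(key)
                hosts[ip]["times"].append(t)
    report = {}
    for ip, h in hosts.items():
        span = max(h["times"]) - min(h["times"])
        report[ip] = {
            "share": h["packets"] / len(pkts),
            "tcp": sum(1 for c in h["convs"] if c[0] == "tcp"),
            "udp": sum(1 for c in h["convs"] if c[0] == "udp"),
            "span_s": round(span, 2),
        }
    return report

def top_talker(report):
    """Host with the largest share of packets in the trace."""
    return max(report, key=lambda ip: report[ip]["share"])

if __name__ == "__main__":
    rep = summarize(build_sample())
    for ip in sorted(rep, key=lambda i: -rep[i]["share"]):
        print(ip, rep[ip])
```

A host that holds most of the packets and shows dozens of distinct conversations within a couple of seconds stands out against clients that reuse one conversation, which is the pattern the Conversations window surfaces here.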