Creating a custom profile for troubleshooting
We will first go ahead and create a rock-solid profile for the purpose of troubleshooting and then take a look at the different issues that might hinder network performance.
By now, I assume that you're comfortable with creating profiles in Wireshark. The highlights of the profile are as follows:
Uncheck/disable the Allow subdissector to reassemble TCP streams option. This should only be enabled while getting the HTTP or SMB objects.
To deal with sequencing issues in TCP, we first need to enable Analyze TCP sequence numbers under Preferences | Protocols | TCP. The following is how my TCP Preferences look like:
Troubleshooting profile: TCP Preferences
Next, put the sequence number, next sequence number, and acknowledgment number into three different columns in Wireshark for ease of analyzing the TCP sequencing as shown in the next screenshot.
"Time" is always a major factor when looking for delays on the network and hence we will begin by tweaking it...
