Wireshark-users: [Wireshark-users] TCPTrace

From: "Usman Qureshi" <qureshi.usman@xxxxxxxxx>
Date: Sun, 26 Nov 2006 20:09:05 -0500
Hello,
 
Is there a good reference to understand how to use Time Sequence
Graphs to analyze TCP traffic behaviour ?  Is Ethereal's
implementation identical to TCPtrace graphs (tcptrace.org) ?

 
The upper line is the advertised window size, and the lower line is
the ACKs received over time.  Please correct me if I'm wrong.
  How do
I interpret the position of the segments on the graph ? Sometimes the
segments are closer to the upper line, and sometimes segments are in
the middle of the two lines.

What is occuring when the upper line moves closer or futher away from
the segments ?

What is occuring when the lower line moves closer or further away from
the segments ?
I have a basic understanding of TCP congestion and avoidance controls.
But I need to verify what is going on in a trace of mine.  
The TCP
sliding window shrinks, lots of DUP Acks, and a TCP Window Full
message is seen.  I want to verify how to see this in the time
sequence graphs, and how to remedy my TCP Window Full problem (FTP

upload on a dialup connection).
Thanks!