I am investigating a possible WAN issue, where occasionally
packet drops & bursts of latency are impacting users.
I have two wireshark sniffers set up, each spanning one end
of the WAN link, with both machines NTP time synced.
Comparing the captured data from both sniffers visually, I
can see data being transmitted/received across the link, and determine if a
packet has been transmitted & not received, and individual packet latency.
What I need is a means (scripted ?) of comparing the files
and reporting on the latency packetdrop.
The output would be a simple text file like this
[4330],14:08:46.228,10.10.1.217->10.1.1.105,Seq224215419,Ack291926145
116ms
[777],14:08:46.112,10.10.1.217->10.1.1.105,Seq224215419,Ack291926145
[..] would denote packet number from each
capture file
From this file, it would be clear to read
how long each packet has taken to cross the WAN, and if it was dropped.
Has anybody had any experience with this
type of analysis ?
Thanks in advance,
Julian Fletcher,
Birmingham, UK