Hi,
We have some intermittent "slowdown" issues at a particular location.
Users connecting to DFS drives by going through two firewalls
experience serious slowdowns of their machine. Shortly after they
disconnect from the DFS drives the machines regain their vigor. I
went through the following theories:
1. The communication is hindered by one of the firewalls, so the
machine listens a lot for network traffic and that is the cause.
2. Because the machines are mostly PCs, maybe they are attacked by a
virus and that causes them to slow down.
3. The Cisco switch where the machines are connected might not have
the latest software and that causes the slowdown.
I did multiple Wireshark captures during the course of two months, and
there were patterns suggesting the above scenarios. Unfortunately a
capture after a few days always pointed to some other direction.
Otherwise the traffic looked "OK" at every capture with no errors or
warnings and with just a few notes and chats in the Expert Info.
Two days ago I did another capture. The capturing PC is a VMware
virtual machine on my Macintosh running Windows XP with Service Pack
3. The version of Wireshark is 1.2.6. At this time, from the 1677
packets captured, 1527 erred out and had 59 warnings.
I attach the capture file.
What could have been the cause of so many malformed packets?
I did the same test today at about the same time and found no errors
or warnings. Very puzzling. I attach the file from today too.
Thanks ahead,
János
Attachment:
cap_3-16-2010 1stfloor 13-02-53.pcap
Description: Binary data
Attachment:
cap_3-18-2010_1stfloor_switch3_port2_atplate.pcap
Description: Binary data