[Jim Aragon <Jim@xxxxxxxxxxxxxxxxx>]

At 10:41 AM 7/14/2012, Andrea wrote:

> Hello Jim, here is my first cut of tracefile:
>
>

http://www.cloudshark.org/captures/4b8cf621d044
> It contains conversation from when I first start
application,
> and on row 717 there is first spanning tree.

Ok, let's take a look at this data.

There are 8 STP frames in this trace file: Numbers 1, 2, 57, 61, 258,
717, 776, and 6254.

You said there was about a one-second delay between an STP and the next
packet from the server (192.168.1.2). So let's look only at STP frames
and TCP packets FROM the server. Our display filter is "(tcp 
&& ip.src="" || stp". The time delays between
each STP frame and the next TCP packet from 192.168.1.2 are:

After frame 1: No traffic, and our application hasn't started yet.
After frame 2: 0.504272 seconds, but when we see frame 2, our application
hasn't started yet, so we don't count this.
After frame 57: No traffic between the STPs in 57 and 61.
After frame 61: 1.557721 seconds
After frame 258: 0.054305 seconds
After frame 717: 0.690998
After frame 776: 0.059590 seconds
After frame 6254: 0.000001

The average of these delay values is 0.472523 seconds. Yes, we have one
value that's over a second and a half, but we've got three values that
are under 0.06 seconds.

I don't see a consistent one-second delay. In fact, this looks pretty
normal to me. I think you're just seeing the normal variation of network
traffic. Sometimes there are pauses in the communications for various
reasons, but they are unrelated to STP.

Jim