Hi!
I have a capture taken with an Ethernet tap/splitter/monitor where several packets have a negative time difference to the previous packet, i.e. frame.time_delta is below zero. Actually, 13.4 % of all packets in the file have this characteristic,
which can easily be seen by applying the filter
frame.time_delta < 0
It is only packets that go in one direction, e.g. from server to client, that appear to get negative time delta and this leads me to think that whatever causes this is not only due to some fault or feature in Wireshark itself.
What can this be caused by?
Best Regards,
Jaroslav Kazejev