Hi,
I am investigating several TCP flows and I am wondering how you can proper filter packet loss in tshark/wireshark:
In the forum someone says that the correct way of filtering lost packets and looking for tcp.analysis.lost_segments followed by tcp.analysis.retransmissions. What about tcp.analysis.ack_lost_segments?
How to also correctly capture tcp.analysis.out_of_order without mixing it with something else?
I am working with MPTCP and I would like to better quantify out of order packets at the receiver as well as real packet loss (bad link) and not network delay + retransmission.
I have both client and server trace files. When I use the filters above, I see slight different values at client and server.
Thanks!