Question & Answer
How can I configure and use Wireshark (Formerly known as Ethereal) to capture network traffic in order to troubleshoot performance problems?
Wireshark is an open source network protocol analyzer for Linux, UNIX and Microsoft Windows.
It can be used to collect data from a live network as well as analyze capture files created with a variety of other network analyzers. The data is useful when troubleshooting network issues including those affecting various Rational products.
To capture a network trace use the following steps:
- Download and install the latest version of Wireshark from http://www.wireshark.org/
Note: To capture packets on Windows, the Windows Packet Capture Library (WinPcap) is required. Newer versions of Wireshark now install this library. For older versions of Wireshark or Ethereal download and install the correct version from http://www.winpcap.org/install/default.htm
- Setup the environment to reproduce the problem on as small a scale as possible.
For information about Wireshark capture privilege requirements refer to the Wireshark wiki on the topic of Platform-Specific information about capture privileges.
- Open Wireshark and click Capture > Interfaces. This will open the Wireshark Capture Interfaces. Wait for a few seconds to see which interface is generating the most packets - this will be the interface to capture on.
- Press the Options button next to the interface with the most packets. If an empty dialog comes up, press OK.
- Enable Network Name Resolution and ensure that the Capture packets in promiscuous mode option is also selected. Keep the defaults for the rest of the settings. Press Start to begin capturing.
- Reproduce the problem.
- After reproducing the problem click the Stop Capture button on the Wireshark Toolbar.
- Choose "Save" or "Save as".
Note: Do not choose "Export" as this will change the format making it difficult to open with Wireshark.
- Finally verify that "All packets" and the default Wireshark/tcpdump/... -libpcap (*.cap,*..pcap) "save as type" are selected. Provide a File name and choose save
Review http://wireshark.org for licensing requirements that are suitable for use in your environment as well as the latest product documentation.
29 September 2018