Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

wireshark protocol hierarchy

Posted on 2015-02-07
7
Medium Priority
?
293 Views
Last Modified: 2015-02-07
I am looking at the Protocol Hierarchy for TCP in the Statistics>Protocol Hierarchy and it does not seem to add up as far as the % packets is concerned. I have TCP as 94.76%. But when I expand the selection for TCP, the protocols are around 0.03%, except 27.24% for SSL. I added up the protocols under TCP and it did not add up to 94.76%. It is barely 30%. Am I missing something? Thanks
0
Comment
Question by:leblanc
  • 3
  • 3
7 Comments
 
LVL 2

Expert Comment

by:UnHeardOf
ID: 40596002
If you look over one column you'll see the total number of packets. If you perform a filter in the capture you should see that the total number of TCP packets match that column. Next do a filter for HTTP in the capture and if you look at the packet details you'll notice that it uses tcp which is a sub category of tcp in the protocol statistics.
0
 
LVL 1

Author Comment

by:leblanc
ID: 40596019
Attached is the pic of my tcp protocol hierarchy statistics. If I added everything under TCP, it is not equal to 94.76%.

pic
0
 
LVL 2

Assisted Solution

by:UnHeardOf
UnHeardOf earned 2000 total points
ID: 40596030
Packets could just be defined as TCP so you need to keep that into consideration.  

94.76% of the packets are TCP. Of those TCP packets 27.24% are SSL. If you had up all the items under TCP and subtract that from the TCP % thats the percentage that are just defined as TCP.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 1

Author Comment

by:leblanc
ID: 40596061
"94.76% of the packets are TCP. Of those TCP packets 27.24% are SSL" I agree with you.
"If you had up all the items under TCP and subtract that from the TCP % thats the percentage that are just defined as TCP" I don't understand this. To me if tcp is 94.76% and everything under that (from ssl to dns) should add up to that 94.76%. No?
0
 
LVL 2

Accepted Solution

by:
UnHeardOf earned 2000 total points
ID: 40596065
You still have a percentage that are just classified as TCP which they dont display as a line item.
0
 
LVL 17

Expert Comment

by:jburgaard
ID: 40596077
These 'just TCP' are in control of the TCP-flow , like the packet I received was OK , you may speed up, slow down please, resend or whatever.
0
 
LVL 1

Author Comment

by:leblanc
ID: 40596079
ok. yes now I see what you meant. The difference between the tcp % and the actual tcp% is the tcp that is not shown here. So that makes sense. I did not know that. I thought that some packets were dropped.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

876 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question