Using Wireshark to Troubleshoot Network Connectivity Issues: Statistics
In addition to the “Follow TCP Stream,” “Decode As,” “IO Graphs,” “Expert Infos,” “Time Sequence Graph (tcptrace),” “Conversation Filter,” and “Graphical Time Sequence (grep)” features, Wireshark also includes a tool called “Statistics” that provides a wide range of statistical information about the packets being captured.
To use the “Statistics” feature, simply select the “Statistics” menu and then choose the type of statistical information that you want to view. Wireshark provides a number of different options, including “Protocol Hierarchy,” “Endpoints,” “IO Graphs,” “Conversations,” “Flow Graph,” “TCP Stream Graphs,” and “HTTP.”
Part A: How to Use the Protocol Hierarchy
To use the “Protocol Hierarchy” option in the “Statistics” feature in Wireshark, follow these steps:
Select the “Statistics” menu and then choose “Protocol Hierarchy.”
In the “Protocol Hierarchy” window, you will see a graphical representation of the protocols being used on your network, with the most frequently used protocols at the top.
To view more detailed information about a specific protocol, click on the protocol in the graph. This will open a new window with a breakdown of the packets being captured for that protocol.
Part B: Why the Protocol Hierarchy is Useful
The “Protocol Hierarchy” option in the “Statistics” feature is useful for a number of reasons:
It provides a high-level overview of the protocols being used on your network. By seeing which protocols are being used the most, you can get a sense of the types of traffic that are generating the most activity on your network.
It helps you identify any potential problems with your network. For example, if you see that a particular protocol is being used much more frequently than others, it could be a sign that there is a problem with that protocol or that it is being used excessively.
It allows you to drill down into specific protocols to get more detailed information. By clicking on a specific protocol in the graph, you can open a new window with a breakdown of the packets being captured for that protocol, which can help you identify any issues with the packets or the protocol itself.
It helps you optimize your network by identifying any protocols that are using up too much bandwidth or causing other performance issues. By identifying and addressing these issues, you can improve the overall performance of your network.
Overall, the “Protocol Hierarchy” option in the “Statistics” feature in Wireshark is a valuable tool for network support technicians who are trying to troubleshoot connectivity issues and optimize network performance.