I’m a senior TAC engineer at Cisco and currently mentoring new hires in my team , I have shared your channel for them to brush up their wireshark skills and I must say that my students are super impressed with you Chris, Great Job!! these videos are gold .

Learning layer 4 (transport-layer) is crucial to troubleshooting network/application issues! Most app and most server teams don't understand the importance of TCP- tuning; they have little clue about window-scaling/sizing, SACK-tuning or how much retrans is too much. The BDP calculator is your friend as a network-analyst, most of the issues I discover are usually at layer 4 or below.

way better than the provided lecture notes at university -> best way to learn for the practical exam is to watch your videos! 👍

thnk you chris,i am a technical support negineer for several years,feel i am gaining good enough knowledge here

These videos are so good I can't believe they aren't more widely recognised

Thank you Chris, your way of explaining very complexe things in a simple and direct way is very valuable.

Always facing Retransmission issues, This video is a life save. :)

Very interesting video, you’re now in my go to channels list.

One of the best video on explaining the reason for retransmission.. Subscribed your channel.. looking for more videos..on packet analysis

Amazing Content ! Please continue to upload such videos regularly. Suggestion for next video: I would like to see PCAP analysis of a voip call with choppy audio/One Way audio.

What a valuable video! I have learned too much from you Chris, thanks a lot!

Been learning so much from your videos. Thanks you Chris

What else is there to say, informative and well presented. Like your videos a lot

Would love to see a video on SIP packet troubleshooting :)

Nice post, looking for depth on this topic Chris. Thanks

Thank you very much for all the knowledge you have been sharing!!!

Need more videos on RETRANSMISSION

boom ...more knowledge transmitted successfully from server(Chris) to client(me).

What causes [TCP Retransmission] [TCP Port numbers reused] and how to fix it?

Hey Chris, great video. Just a quick confirmation, in the three way handshake, I see the (TX - Sender) has a MSS of 1460 whereas the (RXR - Server) has a MSS of 1440. Could that be a potential problem, or based on the three handshake. Will both parties agree to some diligence in the network like with windowing sizing? Thanks

Great video and explanation, thanks

I'm here because David bom and subscribed 🎉🎉🎉🎉🎉🚀🚀🚀🚀🚀🚀

Hello Chris, once again...Thanks ;-)

I always wait for uer new video 👍

Thank you for the informative video.

Great video! Thank you!

Always the best. Great content. Thank you for much for it.

All TAC and Escalation engineers watching this video, give a like !

Thank you Chris. This really helped me 😁

Thanks for making it.

Thank you!

Hello Chris, Great videos, on a particular case where we have a constant but high latency, is it a good idea to have frto or is a better approach to deactivate the frto at the source. Thanks.

Thank you so much!

Great Chris

Thanks Chris!

Thanks!

amazing video , thanks so much

Great tips Thanks a lot

Always the same problem - having 2 thumbs but only 1 thumb up allowed to give! So please feel it doubled

Hi, in an holistic troubleshooting method I would like to get some quick view informations table about the many tcp connections I can capture in my trace files. For each TCP connections I would like to find , the number of packet retransmitions, ther average TCP RTT, the average application RTT, the number of 0 window, and so on. Is there any way to get this in Wireshark ? Or is there any other packet analyser doing this on the market ?

Hi Chris, Great Stuff as always! I've a question. Why is server/receiver trying to send with the default MSS value of 536 when it has already negotiated its MSS value of 1440 during TCP 3-way handshake (SYN-ACK)?

Chris, how do we analyze or troubleshoot esp/ipsec packet loss in wireshark?

Awesome video and series. Simple and stupid question, what's a MTU ?

U are awesome 🤠

Video 3

Hey can you please explain me that what is "client hello" which is written in 4th line after 3 way handshake.

Hi Chris, I know you are not troubleshooting just for anyone so I would like your input to guide me to resources to help me find out what is wrong with my connections. I don't know what to ask I dont know what to look for so a bit of guidance to the right direction would be a great help. My clients can't seem to connect to a certain website, im sure my firewall does not allow this connection. But my firewall log says it allowing it. I decided to check packet logs and found that my TCP SYN "conversation completeness: incomplete 37". I'm guessing my firewall will not trust that. Of course, without firewall, I tried to access the website which works but I also see my TCP SYN "Conversation completeness: incomplete, DATA (15)". on firewall: TCP sequence is Client SYN (time:1) > TCP Retransmission x 4 > Server ACK (time 16) > Client TCP RST (time 16) Where should I go? What could be causing this?

If the smallest MSS allowed by TCP is 536. Why is packet 16 314

!!!

Very good information