Thank you Hang for the feedback. I'll do my best to keep them coming!

You prolly dont care at all but does any of you know a method to get back into an instagram account? I somehow forgot my login password. I appreciate any help you can give me

@Jude Gary Instablaster ;)

@Zion Erick I really appreciate your reply. I got to the site thru google and im waiting for the hacking stuff now. Takes quite some time so I will get back to you later when my account password hopefully is recovered.

@Zion Erick it did the trick and I finally got access to my account again. I am so happy:D Thank you so much, you saved my ass !

Thanks for the comment - glad you enjoyed it!

Thanks Bruno! I appreciate the comment.

Glad it helped you!

Hi Emir. Was the wireshark course from udemy worth it and what’s the name of the course?

Ram thank you!

Thanks for being awesome and commenting!

Awesome! Congrats on passing the WCNA. That is a huge accomplishment and I am honored to have helped at least in a small way. Keep on learning and capturing.

Thanks for the comment Rohith!

Thanks Mahesh! I appreciate the comment.

Nice feedback Patgame - thank you. You could always just join Pluralsight for a month and watch them all for $29! But who knows, maybe i can get some other projects in the bag too. www.bit.ly/wiresharktcp

@@ChrisGreer Thanks, Chris. You make a point on the monthly sub. Do you cover various congestion avoidance algorithms (read, reno/bic/cubic) and so on in your courses? I cannot seem to ascertain from the list of topics on PluSig

@@patgame Yes! - I have a new course on Pluralsight that will come out in the next few weeks that covers the congestion control mechanism, and looks into CUBIC vs NewReno. It doesn't do a deep dive into each flavor, but it does cover how each one makes a decision of when to go into congestion avoidance and fast recovery. It is called Mastering TCP Analysis with Wireshark

Chris Greer great stuff. Will definitely sign up then. See you there :)

Thank you! 🙏

Thanks for taking the time to give positive feedback. I really appreciate it!

Great! Welcome to the channel - Kick back, relax, and enjoy the content!

Thanks Harsha! I will keep making them.

Happy to help! Stay close to the channel for more content.

Thanks for watching Suraj!

Thanks for watching Philip!

Glad it was helpful!

Thanks for the comment Huzaifa!

Thanks for commenting!

Out of orders mean that a packet arrived out of sequence. It can happen because a packet takes a different path than others behind it and it took longer to arrive, or more often, Wireshark can perceive retransmissions as arriving out of order. Great idea for a video!

Hello Malcolm - if the two devices are on the same subnet and packets do not need to be routed then the TTL will not be decremented between the two. Traffic in both directions will stay at 255 and 128 respectively. A Wifi access point and an ethernet switch are not routers, generally speaking, so they will not decrement the TTL. Hope this helps!

@@ChrisGreer Yes this helps tremendously. So with with network equipment not behaving as routers in the general sense, it also implies that windowing will not be modified between the 2 devices and that window size is purely between the endpoints?

Hello Nanis - Wireshark determines that a packet has been lost by looking at the gap in the sequence numbers. So if you see this warning, it means the previous packet in this direction was lost. So it depends on which direction the traffic is flowing. Also, consider where you are capturing. If you are capturing at the client end, most likely you will see this warning for packets that are coming from the server. Another possibility is that the packet was lost by the capture method (overprovisioned SPAN, exceeding the capture potential of the laptop or device doing the capture) so be careful when troubleshooting these warnings as they simply may indicate that the capture device simply missed a packet.

Not necessarily. The window size is set by the operating system kernel, or by the application using that kernel. So it is independent of the network. Increasing the bandwidth may cause the TCP stack to dynamically increase the window size over time as more data moves, however that would be determined by the OS.

@@ChrisGreer I have an issue that after I change the network layer from IP MPLS network to a WDM OTN network using the same servers and with the same link capacity. The windows scaling increase drastically, having transfer rates from 4 MB/s up to 90 MB/s. This is why my question. The only difference is the iRTT time. With a 20ms difference between the two network layers. WDM OTN shows the best performance. I'm trying to find how to explain or justify this behavior. What else would you consider to check?

Hey Shawn - that's great! Welcome to the world of Wireshark. For sure check out the videos here on my channel for tips and tricks. For some more in-depth, personalized training, let me know if you are interested in a class. For books, check out Practical Packet Analysis by Chris Sanders. Awesome read. Hope this helps!

Hey! Can you share the pcap? If so… pop it over to me… packetpioneer@gmail.com

@@ChrisGreer thank you very much ) sure ill send it

Only captured on source the receiver which is src, though. Might be just performance rlated on other end. Hard to tell, cuz im network guy, and they say server is green...

Hmm interesting. Literally never seen that one. What version of WS are you running?

I don’t provide the pcaps on this one. Some of them are long gone…

Not clear about previous segment not captured

You said that it's common to see Window Full and then some packet loss. Do you mean to see that server/host will burst traffic up to Window size and 'packets from this burst' may be dropped by network? Can you also confirm that it's not necessary that every time we see Window Full network will drop packets? Could you please explain more about this? Thank you very much :)

Yes - I have the exact same question. The explanation for Window-Full was a bit unclear in the lecture. He mentioned that Server has sent so much data to Client that the Window Size has become Full. Whose Window Size? Also, why is the Server sending more data when the Window Size limits are clearly mentioned in the TCP Conversation?

And depending on your coach they'll have an excuse for everything credit cards taking too long? must be a lot of people buying right now. Man Mastercard servers are busy today.

@@sleekthegeek6669 Wow really? I guess it doesn't surprise me. Thanks for the comment.

Thanks Malak. I hope it helps!

Sure - I'd be happy to. Please send me a contact request through www.packetpioneer.com/contact Thanks!

DRSInfocom Online firewall training sure, that is a great idea for a video. I will be in my studio soon recording some new content!

@@ChrisGreer thanks a lot Chris. The way you teach is awesome. That's the reason for request. 😊

Hello Hamzeh, here is a link to one of them - www.cloudshark.org/captures/b28b2cfec7ea I do share the trace file for several of my videos but I didn't do so for all the traces on this one. Thanks!

Just saw your video, and compared to others out there yours really explained to me how to really use Wire Shark. Thank you.

:-) Funny!

@@ChrisGreer By the way, excellent video! I'm not an IT professional, only an enthusiast learning the ropes about how network communications work: so I don't troubleshoot often (my peak performance is turning off and back on the router), but seeing the different pieces "in action" with software like Wireshark helps to grasp the theoretical concepts. Aside from general tips about Wireshark (like conversation filters, buttons and others), I found that considering the layers stack from the perspective of the transport layer is very insightful and something I never thought about: either I focus on the lower part (physical, link, network) or the upper part (application, since session and presentation for me are still a mistery). I still have to digest the video, but it seems I have learned a valuable lession: since the transport layer is "in the middle", it points to the direction to follow when trying to understand what went bad. Thanks for the upload, I'm really glad I resisted the first "ugh! 1 hour of technical explanations on topics I barely understand? No thanks" impression , you are a great teacher!

u mean the wireshark software?