Chris deserves more subscribers. Contents are great and explained well.

This was a nice subtle vid to remind people on timestamp importance. Thanks, very much appreciated.

Well explained, important information for super users questioning ICT about networking traffic congestion.

Thanks Chris! We were able to fix a problem with our database connection from our client. We essentially needed to increase the keep alive interval.

Great video. I keep understanding some more everything I watch this

Excellent Chris

Excellent short and very useful courses. Nice Job

Excepcional content, Chris!

very useful video. I didn't know you could add the tcp time-since-previous-frame as a column!

Great 👍 explanation as always. Thank you Chris.

again, very useful!!

This explanation was very useful, thank you.

L'angle est très bon c'est parfait !

Great video thx! If I want to look for a string used in google search or any browser form submit, how would you do it?

Thanks for yet another informative video, Chris. Keep 'em coming! I was wondering if I can ask you for some wireshark insight. I am trying to resolve an issue at a school district where they are having issues administering graphics-intensive tests to their students utilizing chromebooks (they would get delays, processing circle, etc.). I had someone look at the wireshark trace and he said, "I see a few TCP packets out of Sync, some with zero length, some spurious-retransimissions, and loads of “TCP segment of a reassembled PDU”. To me this points out to a device in the network, that’s sitting between the internet and the customer’s network (be it a firewall, proxy server, or any security appliance), which is capturing (Analysing?) every packet transiting, but not coping with the sheer traffic, which is introducing instability in the network." Would you agree with what he assessment? I am curious what percentage of out of synch packets, zero length, spurious-retransmissions, etc., would point to it being any of those devices or how would I look for which particular device is causing the problem. The district did mention they had jitter on their firewall and are taking a long time to get information back from Cisco. I asked them a while back if they had a proxy server and they said no. I then asked if maybe their ISP had a proxy server set up and asked them to have the ISP trace the traffic. They never said definitively that there was not a proxy server on the ISP side, but did mention something about traffic shaping from there. Just wondering if you can point me in the right direction so I can help them fix the problem of the stress they deal with while students are testing.

Thank you.

Very helpful 👌 thanks

how to get time since previous frame column?

Great video, thanks! I'm willing to check what if the client is sending PSH flagged packet after 35 secs from the previous packet. Is this something that I need to check on the client side? In my case, App server (app01) is contantly talking to a DB Server (db01), and randomly delaying the response by 34 seconds, and after 34 seconds, the app01 is sending PSH,ACK to db01 and resuming the connection. I'm a bit confused where should I look for the problem. Is it app01 that's having problem or running low on resource or getting highly consumed, OR its the db01. Any suggestion would be highly appreciated. Thank you!

very cool.

Hi Chris, How did you create the Delta Column?

Thank you! YOur video helped!

How come only after coversation filter delta value and time since previous frame value got same .....

Curious as to why use the "Time since previous frame..." as opposed to just using the Delta time?

I'm using Wireshark version 2.2.1 on Mac, and I don't have the "time since previous frame" shown in the TCP header. Is that something I need to enable?