Why would it see double? Albert Jurado Network Manager First Commercial Insurance Company 2300 W 84 St. Hialeah, FL 33016 Phone: (305) 820-4848 ex. 1206 Mobile: (305) 873-4400 Email: [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jaap Keuter Sent: Monday, March 10, 2008 1:31 PM To: Community support list for Wireshark Subject: Re: [Wireshark-users] Terminal Server traffic
Hi, I may be dependant how you configured the monitoring port on the core router. If it captures both ingress and egress packets it start to see double. The details I leave to the network operator buffs ;) . Thanx, Jaap Albert Jurado wrote: > As of last week we started to monitor traffic from our internal Terminal > Server to our internal SQL server using wireshark. > > Our network is segmented in the following way: > > VLAN for servers > > Data VLAN for each floor in the building (six in total). > > We installed wireshark on a separate workstation plugged into our core > router with a monitoring port configured > > Our first capture revealed over 40% of the traffic as “out-of-order” > packets. When we performed a capture from the terminal server there was > no such traffic. > > I wondering if this type of behavior is normal for terminal server > communication. I hope someone can shed some light on this matter for > me, it would greatly appreciated. > > Thanks! > > *Albert Jurado* _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
