Friday, September 8, 2023
How To Miss HTTP errors
Wednesday, September 6, 2023
Monday, September 4, 2023
Network Flooding, Really?
Flooding is one of those networking problems that people always assume someone else will have.
Some of the common myths about flooding involve huge multipath networks, complicated load-balancing configurations, and of course, X-Files-type problems.
Flooding can happen with the simplest devices or configurations. Let's start with my simple but brief definition of flooding. When you see a lot of unicast packets addressed to other devices on your switch port, that's flooding. Seeing the occasional flooded packet isn't that unusual, but if you see hundreds of unicast packets per second (that aren't yours), you should investigate.
In my experience, any device that has 2 ports or more can cause or contribute to flooding. The most common example of flooding is when you have a host with 2 Ethernet cards and a virtual IP/MAC address. When the host communicates with you, it uses a real MAC address, but when you talk back, you use a virtual MAC address that the switch might not be aware of, resulting in those return packets going to all switch ports.
Lately, I've seen cameras that have Ethernet and Wi-Fi connectivity cause flooding, and I'm not sure why. In this video, I will show you an example of this exact problem. The key troubleshooting tip is to start by interrogating your switch bridge forwarding table and comparing it with the client or router ARP table entries.
A tip when working with devices that support Ethernet and Wi-Fi: in most cases, you use the Wi-Fi for the initial configuration, then move the device to an Ethernet port. In these cases, I would recommend you clear the Wi-Fi configuration details after you are certain the host is working properly with the wired connection.
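The comparison described above can be scripted. The following is an added example, not code from the original post: it takes a switch forwarding table and a client ARP table and lists the unicast MAC addresses the client is sending to that the switch has not learned, which are the destinations that get flooded. The table text, addresses, port names and function names are constructed for illustration, and real device output will need its own parsing.

```python
import re

# Constructed sample: simplified switch forwarding table (vlan, mac, type, port).
SWITCH_FDB = """\
   1    0011.2233.4455    DYNAMIC     Gi0/1
   1    0011.2233.4466    DYNAMIC     Gi0/2
   1    a4b1.c1d2.e3f4    DYNAMIC     Gi0/7
"""

# Constructed sample: simplified client ARP table (ip, mac, type).
# 192.168.1.50 stands in for a host answering on a virtual MAC.
CLIENT_ARP = """\
  192.168.1.1      00-11-22-33-44-55     dynamic
  192.168.1.20     00-11-22-33-44-66     dynamic
  192.168.1.50     00-00-5e-00-01-0a     dynamic
  192.168.1.255    ff-ff-ff-ff-ff-ff     static
"""

# Matches aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff and aabb.ccdd.eeff notations.
MAC_RE = re.compile(
    r"(?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2}|(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}", re.I)
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def norm(mac):
    """Reduce any MAC notation to 12 lowercase hex digits."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())

def fdb_macs(text):
    """Set of MACs the switch has learned."""
    return {norm(m) for m in MAC_RE.findall(text)}

def arp_entries(text):
    """Map of IP -> MAC as seen by the client or router."""
    out = {}
    for line in text.splitlines():
        ip, mac = IP_RE.search(line), MAC_RE.search(line)
        if ip and mac:
            out[ip.group()] = norm(mac.group())
    return out

def is_group(mac):
    """Broadcast/multicast MACs are delivered to many ports by design."""
    return int(mac[:2], 16) & 1 == 1

def flood_candidates(fdb_text, arp_text):
    """ARP entries whose unicast MAC is absent from the forwarding table."""
    known = fdb_macs(fdb_text)
    return sorted((ip, mac) for ip, mac in arp_entries(arp_text).items()
                  if not is_group(mac) and mac not in known)

if __name__ == "__main__":
    for ip, mac in flood_candidates(SWITCH_FDB, CLIENT_ARP):
        print(f"{ip} -> {mac}: not in forwarding table, frames will be flooded")
```

Collect both tables at roughly the same time, since forwarding-table entries age out and a quiet host can look like a flooding source.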
Wednesday, August 30, 2023
Create a Wireshark Desktop Shortcut To Automatically Capture
Here's how to create a Windows desktop shortcut to automatically start capturing when you launch the Wireshark GUI.
Monday, August 28, 2023
Using Wireshark's editcap to Remove Duplicate Packets
Depending on how you capture packets, you may run into scenarios where you have duplicate packets caused by the nature of your tool's placement and network topology.
Do not confuse this with legitimate duplicate packets caused by network-related issues. We want to see those packets to resolve the issue.
Here, I use Wireshark's editcap utility to remove duplicate packets.