Network Troubleshooting Using Wireshark - For Mobile Operators Switching Departments
Description The purpose of the course is to provide the participant with extensive knowledge of network troubleshooting in Cellcom's switching environment. The course starts with the TCP/IP protocol stack, continues with Wireshark basics and advanced features, and ends with using Wireshark to troubleshoot common media and signalling protocols.
Objectives By the end of the course, the participant will be able to:
Understand the TCP/IP protocol stack, including IP, TCP/UDP and SCTP
Perform data capture with Wireshark
Set up various display and capture filters
Use statistical tools and software to detect network failures
Use the software I/O graphical tools
Use TCP and UDP Stream graphs
Use Telephony RTP/RTCP and SCTP analysis
Use Telephony VoIP and SIP analysis
Use GSM and SMPP analysis
Topics
TCP/IP and SCTP
Wireshark
SIGTRAN and signaling analysis
VoIP protocol analysis
SMPP and messaging protocols analysis
Target Audience R&D, engineering and technical support, IT and communication managers
Prerequisites Deep knowledge of the TCP/IP protocol stack. Participants should bring their laptops with Wireshark software (free download from www.wireshark.org).
Course Duration 4 Days
Course Outlines
PART 1 (DAY 1) – Introduction to TCP/IP:
Introduction to TCP/IP
The TCP/IP Protocol stack
Standards and organizations
Packet and data structure
IP – The Internet Protocol
Introduction
Packet structure
ARP – Address Resolution Protocol
IP addresses
Address classes and classless addresses
VLSM and CIDR
NAT and DHCP
Routers and routing protocols
Routing basics
Protocol types – IGP and EGP
Dynamic and static routing
Link-state and Distance-Vector protocols
UDP, TCP and SCTP
Introduction
L4 behaviour
Ports and Sockets
UDP – User Datagram Protocol
Introduction
Packet structure and examples
TCP – Transmission Control Protocol
Introduction
Packet structure
TCP State machine
The sliding window mechanism
Flow and congestion control – slow start, congestion control and fast-recovery mechanisms
TCP Performance analysis and tuning – RTO and retransmissions, Duplicate ACKs, Window-size operations
SCTP – Stream Control Transmission Protocol
Introduction and applicability
Packet structure and messages (INIT and INIT-ACK, SACK, HEARTBEAT and HEARTBEAT-ACK, ABORT, SHUTDOWN, SHUTDOWN-ACK and SHUTDOWN COMPLETE, ERROR, COOKIE and COOKIE ACK)
SCTP State Machine
Data transmission – flow and congestion control, Slow start and congestion avoidance
Multi-homing and associations, path and peer monitoring, path selection and streams
PART 2 (DAY 3-4) – Wireshark:
Introduction to Wireshark
How Wireshark Works
Capturing Packets
Configuring Global Preferences
Navigation and Colorization Techniques
Examining Basic Trace File Statistics
Save, Export and Print
Capture and Display Filters
Capture filters – basics and filter language
Display filters – basics and filter language
Useful filters
Case studies
Using Time Values and Summaries
Use the default time column setting and precision
Use time between packets
Set a time reference and view capture times
Troubleshooting timing problems
Case studies
Using Statistics Tools
Create I/O graphs
Create TCP Time-Sequence graphs
Analyze flow graphs
Evaluate service response times
Create Round-Trip Time graphs
Analyze TCP/IP flows
Analyze applications flows
The Expert System
Normal and abnormal network communications
Packet Losses, Ack to longs and Retransmissions
Previous Segment Lost and Out-of-Order Segments
Duplicate ACKs and Fast-retransmissions
RTO (Retransmission Time-Out) and TCP Retransmissions
TCP Window issues – Zero window and Window changes
Selective ACK analysis
Bandwidth Issues
Bandwidth measurement
User/flow throughput calculations
Applications throughput calculations
Bandwidth and throughput problems
Latency Issues
The primary points in calculating latency
Plotting high latency times
Free latency calculators
Using the frame.time_delta filter
PART 3 (DAY 4) – Signaling and Multimedia analysis