In 2020, Cai Cai led the team in a project focused on channel integration, connecting numerous channels and encountering a multitude of issues. Although the problems were varied, over time, many solutions were developed. Here, I will discuss one such case, hoping for your attentive listening.
Cai Cai and the team worked tirelessly for several days, and the project was finally ready to go live as scheduled.
As per the teamâs routine, the production environment needed to be prepared in advance before going live. Cai Cai arranged for Xiao Guo to ensure the network environment (database, domain access, etc.) was set up to avoid any unexpected issues during the launch.
Once the network was ready, the team deployed the application to production with a sense of joy. However, upon starting the application, they encountered a âConnection Resetâ error as soon as they made a callâŠ
Seeing this, Xiao Yu, a key member of Cai Caiâs team, sought confirmation from the third party, who insisted there was no issue⊠While Xiao Yu was negotiating with the third party, Cai Cai, with years of experience, quickly launched the Wireshark software.
Cai Cai skillfully entered common expressions in Wireshark to filter and expose the network issue, capturing evidence on the spot and presenting it to the third party, leaving them speechless.
Cai Cai wanted to convey that in technology, actions speak louder than words, and solving problems is the ultimate truth.
Based on Cai Caiâs experience, most issues when interfacing with third parties occur during the TCP connection establishment phase, specifically during the handshake. When a TCP connection fails to establish, the most reliable troubleshooting method is to use Wireshark for analysis. However, since handshake failures can manifest differently, solving them requires skill.
This technique (the aforementioned expression) can filter out packets with a Seq number of 1 and a Reset flag, usually indicating that the handshake request was rejected by the other party (the connection was refused during establishment).
Hereâs how it works in practice:
Right-click on the packet of interest, then select the Follow -> TCP Stream menu.
You can then display the entire failure process.
This technique (expression) can filter out retransmission handshake requests due to the other party not receiving them or the acknowledgment packet being lost.
Hereâs how it works in practice:
Right-click on the packet of interest, then select the Follow -> TCP Stream menu.
You can then display the failure process, clearly showing that the handshake failed because packet loss prevented 20.20.20.21 from receiving the handshake request.
âWhen you have eliminated the impossible, whatever remains, however improbable, must be the truth.ââSherlock Holmes. Troubleshooting with Wireshark is akin to Sherlock Holmesâ detective work. First, capture as many network packets as possible (from both client and server, leaving no detail unchecked), then look for clues within the packets, infer based on network protocols, and remove any human-concealed evidence to uncover the truth.
This discussion mainly focused on how to use Wireshark to pinpoint issues, hoping it helps everyone. Theoretical knowledge is always shallow; true understanding comes from practice. Some aspects may not be conveyed well and require self-analysis with Wireshark packet capture.
This Wireshark sharing ends here. To ensure no errors in the sharing, many documents, books, and official materials were consulted, summarized, and compiled for everyone, hoping it helps.