To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

1 © Nokia Siemens Networks 2012

For internal useUnique document identifier (ID) / Version number / Life cycle status

利用 wireshark进行数据分析

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

2 © Nokia Siemens Networks 2012

简介1. 找到用户的 IP 地址以及端口号2. 根据 IP 地址过滤用户数据包3. 根据 IP 地址 & 端口号过滤用户数据包4. 保存过滤后的数据5. 过滤重传包6. 如何判断丢包7. 过滤乱序包8. 过滤 Duplicate ACK9. 快速得到 TCP 下载速率列表

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

3 © Nokia Siemens Networks 2012

1、找到用户的 IP地址以及端口号CDS 软件的 IP packets 窗口可以看到用户的 IP 地址以及端口号

Dept. / Author / Date

10.0.0.172 是 WAP 网关的 IP 地址，端口号为 80 ；10.180.107.141 是手机的 IP 地址，端口号为 1824 ；

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

4 © Nokia Siemens Networks 2012

2、根据 IP地址过滤用户数据包方法一： Gn/Gi 接口的数据包，输入条件 ip.addr==10.145.8.245

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

5 © Nokia Siemens Networks 2012

2、根据 IP地址过滤用户数据包方法二：选中要过滤的参数→点右键→ apply as filter →selected

Dept. / Author / Date

(2) 生成过滤条件以及结果 : (1) 选择过滤的参数

注意：只有单方向的包(3) 修改过滤条件如下： (ip.dst == 10.145.8.245)||(ip.src==10.145.8.245)

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

6 © Nokia Siemens Networks 2012

3、根据 IP地址 &端口号过滤用户数据包一次 PDP 激活可能进行了很多次的数据下载，因此需要通过用户侧的端口来区分方法一：输入条件 (ip.addr==10.145.8.245)&&(tcp.port==1475)

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

7 © Nokia Siemens Networks 2012

3、根据 IP地址 &端口号过滤用户数据包方法二：在已过滤出 IP 地址的基础上，选中要过滤的参数 source port→ 点右键→ apply as filter

→ and selected

Dept. / Author / Date

(2) 生成过滤条件以及结果 : (1) 选择过滤的参数

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

8 © Nokia Siemens Networks 2012

3、根据 IP地址 &端口号过滤用户数据包方法二：

Dept. / Author / Date

(3) 修改过滤条件如下：((ip.dst == 10.145.8.245) && (tcp.dstport == 1475))||((ip.src == 10.145.8.245) && (tcp.srcport == 1475))

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

9 © Nokia Siemens Networks 2012

4、保存过滤后的数据• 选择菜单 :File →Save as… ，显示对话窗口如右图所示• 在 packet range ，选择 Displayed ，如红框所示• 输入要保存的文件名• 点击 Save 按钮

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

10 © Nokia Siemens Networks 2012

5、过滤重传包过滤条件： expert.message == "Retransmission (suspected)"

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

11 © Nokia Siemens Networks 2012

6、如何判断丢包

Dept. / Author / Date

③对于每一个数据包来说，即使他们的 TCP Sequence 是相同的，他们的 IP identification （简称 IP_ID ）却是唯一的，这是我们在其他端口 (Gb, Gn) 排查该数据包是否丢失的主要依据。

Gi

找到 Gi 口标示为重传的包序列号①

② 过滤该序列号的包

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

12 © Nokia Siemens Networks 2012

6、如何判断丢包

Dept. / Author / Date

Gn

Gb

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

13 © Nokia Siemens Networks 2012

7、过滤乱序包过滤条件： expert.message == "Out-Of-Order segment"

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

14 © Nokia Siemens Networks 2012

8、过滤 Duplicate ACK

当手机端没收到某个包，当收到后续包时，会发送 Duplicate ACK 提示服务器端进行重发。过滤条件： expert.message == "Duplicate ACK (#1)"

Dept. / Author / Date

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking

15 © Nokia Siemens Networks 2012

9、快速得到 TCP下载速率列表选择菜单 statistics → Conversation list → TCP(IPv4 & IPv6)

Dept. / Author / Date

端口端口 速率时长字节数

拷贝后 , 可粘贴到 excel 文件中，利用数据分列，得到列表

To change the document information in the footer, press [Alt + F8] and use the „Nokia_Siemens_Networks_–_Change_Document_Information“ macro or click You can setup the color/gradient and outline style of selected shapes with the “Shape_set_color_and_gradient” macro, or by clicking