Before you are able to use Wireshark to identify network issues, you first need to understand the normal packets in Wireshark. In this instance, normal means a very common packet that is not suggestive of some issue. Once you understand the normal packets in Wireshark, you will then be able to locate packets that are not normal, to identify network issues.

ARP (Address Resolution Protocol) packets are normal. These packets are used to resolve the address of a device inside a network.

DNS (Domain Name Service) packets are normal. These packets are used to resolve a domain name to an IP address.

SSDP (Simple Service Discovery Protocol) packets are normal. These packets are used to discover Plug and Play devices.

STP (Spanning Tree Protocol) packets are normal. These packets prevent packets from getting caught in an endless loop in a router.

TCP 3 Way Handshake. A SYN packet from the client to the server, followed by a SYN, ACK packet from the server to the client, followed by an ACK packet from the client to the server is normal. This is the 3 way handshake.