Bootstrap FreeKB - Wireshark - Determine file transfer time
Wireshark - Determine file transfer time

Updated:   |  Wireshark articles

View the latency in a graph

  1. Select Statistics > I/O Graph.

If there is a spike

If the graph displays a spike, the spike represents a large number of packets being transmitted. When uploading or downloading a large file, a spike is normal.

A spike can be helpful is determining if the time to upload or download the file is normal. In this example, we can see that the spike started at 11 seconds and concluded at 24 seconds, meaning the spike duration was 13 seconds. We want to determine if it is normal for the file being uploaded or downloaded to take 13 seconds.

 

In the list of packets in Wireshark, identify the well-known port associated with the selected packet.

Port 80 - A spike on port 80 suggests a file being downloaded from a remote web server.

 

Port 445 - This is SMB or SMB2 traffic. This type of traffic is typically associated with a shared network drive. A spike on port 445 suggests a file being uploaded to or downloaded from a shared network drive.

For SMB traffic, let's take a scenario where you want to determine how long is should take to transfer a file from the local PC to the PC with the shared network drives. To determine how long it should take to transfer the file, you need to determine the size of the file being uploaded, and the connection speed between the local PC and the PC with the shared network drives. Let's say the file being upload is 1 megabyte (MB), and the connection speed is 1 Megabit per second (Mbps). 

Note: To determine the connection speed, you'll want to determine the maximum connection speed of the NIC in both computers, the connection speed of the network cables, and the connection speed of the interfaces on the switch.

Notice the the connection speed is 1 Megabit per second (Mbps) and the file size is 1 Megabyte (MB). There are 8 Megabits in 1 Megabyte, which means the file being uploaded is 8 Megabits. This means it should take 8 seconds to transfer the file. The graph shows it took 13 seconds to transfer the file. The reason it took 13 seconds instead of 8 seconds to transfer the file is because there is additional traffic on the network connection. This shows that the network is working as expected.

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 23979b in the box below so that we can be sure you are a human.