Trisul's Blog

Network & Cloud Engineering Insights

Troubleshooting Network Latency: Advanced Diagnostics and Solutions

Written by Trisul

Master network troubleshooting techniques for identifying and resolving latency issues. This guide covers packet analysis with Wireshark, traceroute interpretation, QoS configuration, and optimization strategies for both LAN and WAN environments.

Latency Troubleshooting Methodology

  • Baseline Measurement: Establish normal performance metrics
  • Layer-by-Layer Analysis: OSI model systematic approach
  • Packet Analysis: Deep inspection with Wireshark
  • Path Analysis: Traceroute and MTR for route optimization

Step 1: Initial Latency Assessment

# Basic connectivity and latency testing
ping -c 10 8.8.8.8
ping -c 10 -s 1472 8.8.8.8  # Test with larger packets

# Continuous monitoring
ping -i 0.2 -c 100 target-server.com | tee ping-results.txt

# Test different packet sizes
for size in 64 128 256 512 1024 1472; do
  echo "Testing packet size: $size"
  ping -c 5 -s $size 8.8.8.8 | grep "time="
done

# Measure jitter and packet loss
mtr --report --report-cycles 100 target-server.com

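# Test TCP connection establishment time
# (nc -z exits as soon as the handshake completes; telnet stays open, so "time" would measure the whole session)
time nc -z -w 5 target-server.com 80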
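To turn the ping output saved in Step 1 into baseline figures, the added example below (not part of the original post) summarizes a log such as ping-results.txt: loss from the probe count, min/avg/p95/max RTT, and jitter as the mean absolute difference between consecutive RTTs. It assumes Linux iputils-style reply lines; the function names and the sample log are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): summarize a saved ping log
# such as ping-results.txt. Assumes Linux iputils reply lines.

ping_summary() {   # reads the file(s) given as arguments, or stdin
  awk '
    /packets transmitted/ { sent = $1 }        # summary line, if captured
    match($0, /icmp_seq=[0-9]+/) {
      s = substr($0, RSTART + 9, RLENGTH - 9) + 0
      if (!match($0, /time=[0-9.]+/)) next     # error line without an RTT
      r = substr($0, RSTART + 5, RLENGTH - 5) + 0
      if (s in seen) next                      # duplicate reply (DUP!)
      seen[s] = 1
      if (n == 0 || s < lo) lo = s
      if (n == 0 || s > hi) hi = s
      if (n > 0) { d = r - prev; jit += (d < 0 ? -d : d) }
      prev = r; sum += r; rtt[++n] = r
    }
    END {
      if (n == 0) { print "no replies found"; exit 1 }
      if (sent == 0) sent = hi - lo + 1        # fall back to icmp_seq range
      for (i = 2; i <= n; i++) {               # insertion sort for p95
        v = rtt[i]
        for (j = i - 1; j >= 1 && rtt[j] > v; j--) rtt[j + 1] = rtt[j]
        rtt[j + 1] = v
      }
      k = int(0.95 * n); if (k < 0.95 * n) k++ # nearest-rank index
      printf "sent=%d received=%d loss=%.1f%% ", sent, n, 100 * (sent - n) / sent
      printf "min=%.1f avg=%.1f p95=%.1f max=%.1f jitter=%.1f\n",
             rtt[1], sum / n, rtt[k], rtt[n], (n > 1 ? jit / (n - 1) : 0)
    }' "$@"
}

sample_ping_log() {   # constructed sample: seq 4 lost, seq 3 duplicated
  cat <<'EOF'
PING target-server.com (192.0.2.10) 56(84) bytes of data.
64 bytes from 192.0.2.10: icmp_seq=1 ttl=56 time=10.0 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=56 time=12.0 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=56 time=11.0 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=56 time=11.5 ms (DUP!)
64 bytes from 192.0.2.10: icmp_seq=5 ttl=56 time=30.0 ms
64 bytes from 192.0.2.10: icmp_seq=6 ttl=56 time=10.0 ms
6 packets transmitted, 5 received, +1 duplicates, 16.6667% packet loss, time 5006ms
EOF
}

# Demo on the constructed sample; for real data: ping_summary ping-results.txt
sample_ping_log | ping_summary
```

When the log was cut off before ping printed its summary line, the probe count falls back to the icmp_seq range, so losses at the very start or end of the run are not counted.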

Step 2: Advanced Traceroute Analysis

# Enhanced traceroute with timing
traceroute -I -q 3 target-server.com

# TCP traceroute for firewall traversal
traceroute -T -p 80 target-server.com

# UDP traceroute with specific port
traceroute -U -p 53 target-server.com

# Paris traceroute for ECMP path discovery
paris-traceroute target-server.com

# Analyze traceroute results (save as a script; the target is passed as $1)
#!/bin/bash
echo "Hop Analysis for $1"
# -n prints numeric addresses, so each hop line is: hop, IP, then "<rtt> ms" pairs
traceroute -n -q 3 "$1" | awk '
  $1 ~ /^[0-9]+$/ {
    sum = 0; n = 0
    # Average only real samples; "*" marks a probe that timed out
    for (i = 3; i < NF; i++) if ($(i + 1) == "ms") { sum += $i; n++ }
    if (n > 0) printf "Hop %s (%s): Average RTT = %.2fms\n", $1, $2, sum / n
    else       printf "Hop %s: no reply\n", $1
  }'

Step 3: Wireshark Packet Analysis

# Capture packets with specific filters
# Capture HTTP traffic with timing analysis
tshark -i eth0 -f "port 80" -T fields -e frame.time_relative -e ip.src -e ip.dst -e tcp.analysis.ack_rtt

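# Capture and analyze TCP handshake timing
# (match only segments with SYN set, i.e. SYN and SYN/ACK; testing for ACK as well would match almost every TCP segment)
tshark -i eth0 -f "tcp[tcpflags] & tcp-syn != 0" -T fields -e frame.time_relative -e ip.src -e ip.dst -e tcp.flags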

# Analyze TCP window scaling and congestion
tshark -i eth0 -f "host target-server.com" -T fields -e frame.time_relative -e tcp.window_size -e tcp.analysis.bytes_in_flight

# Wireshark display filters for latency analysis
# High RTT connections
tcp.analysis.ack_rtt > 0.1

# TCP retransmissions
tcp.analysis.retransmission

# TCP duplicate ACKs
tcp.analysis.duplicate_ack

# TCP zero window
tcp.analysis.zero_window

# Out of order packets
tcp.analysis.out_of_order

Step 4: Network Interface Analysis

# Check interface statistics
ip -s link show eth0
cat /proc/net/dev

# Monitor interface errors and drops
watch -