-
网络基本功(二十七):Wireshark抓包实例分析HTTP问题(上)
转载请在文首保留原文出处:EMC中文支持论坛https://community.emc.com/go/chinese
HTTP的问题可能是由于慢速服务器或客户端,TCP性能问题,本文讨论上述问题以及其他可能因素。
诊断过程:
浏览网页性能变差的原因有很多,需要逐步分析。步骤如下:
- 首先,不仅要确认网络负载状况,还要注意通信链路上的出错率,以及导致性能变差的最明显的表现;
- 诊断TCP问题,检查以下细节:
- 在Expert info窗口,确保没有太多重传以及重复ACK(百分之0.5至0.8尚可忍受)。
- 确保HTTP连接上没有reset,可能由于防火墙或站点限制引发。
3. 确保没有以下DNS问题:
- 慢速响应时间
- 域名未找到
如果以上均不适用,就需要对HTTP深入研究。
注意:将网络和IT环境看作一个整体。对于慢速网络浏览应用,TCP问题亦不能分离于HTTP,DNS问题。可能是由于慢速HTTP服务器,因服务器的慢速响应而产生了TCP重传。或者,由于DNS慢速服务器,打开网页可能需要好几秒钟。一步步定位问题就好了。
当你第一次打开一个网页,可能需要几秒钟。在这种情况下,应当查看以下情况:
- 检查线路是否过载
- 检查线路延时(通过ping工具)
- 查看错误代码,通常能看到浏览器报错原因,但并不总是能看到。
- 配置过滤器http.response >= 400并查看有多少错误。以下章节,你会看到需要注意的示例。
Informational codes:
Success codes:
Redirect codes:
Network Analysis Using Wireshark Cookbook
-
181. Re: 网络基本功系列:细说网络那些事儿(2月9日更新)
Zhang,Jiawen 2015-3-9 下午11:24 (回复 Zhang,Jiawen)网络基本功(二十八):Wireshark抓包实例分析HTTP问题(下)
转载请在文首保留原文出处:EMC中文支持论坛https://community.emc.com/go/chinese
本文承接上文。
Client errors:
Code
Status
Explanation
What to do
400
Bad request
The request could not be understood by the server due to a syntax problem. The request should be modified by the client before resending to it.
Check the website address. This can also happen due to a site error.
401
Authorization required
The client is denied access due to the lack of authentication codes.
Check your username and password.
402
Payment required
Reserved for future use.
403
Forbidden
The client is not allowed to see a specific file. This can be due to the server access limit.
Check the credentials. Also, there are fewer chances that the server is loaded.
404
Not found
The requested resource could not be found.
This can be because the resource was deleted, or it never existed before. It can also be due to URL misspellings.
405
Method not allowed
The method you are using to access the file is not supported or not allowed by the resource.
406
Not acceptable
Content generated by the resource is not acceptable according to the client request.
Check/update your browser.
407
Proxy authentication required
Request authentication is required before it can be performed.
The client must first authenticate itself with the proxy.
408
Request timed out
It took the server longer than the allowed time to process the request.
Check response time and load on the network.
409
Conflict
The request submitted by the client cannot be completed because it conflicts with some established rules.
Can be because you try to upload a file that is older that the existing one or similar problems. Check what the client is trying to do.
410
Gone
The URL requested by the client is no longer available from that system.
Usually this is a server problem. It can be due to a file that was deleted or location was forwarded to a new location.
411
Content length required
The request is missing itsContent-Length header.
Compatibility issue on a website. Change/update your browser.
412
Precondition failed
The client has not set up a configuration that is required for the file to be delivered.
Compatibility issue on a website. Change/update your browser.
413
Request entity too long
The requested file was too big to process.
Server limitation.
414
Request URI too long
The address you entered was overly long for the server.
Server limitation.
415
Unsupported media type
The file type of the request is not supported.
Server limitation.
以下示例是一个简单的客户端报错。按照以下步骤进行操作:
- 右键有报错的报文。
- 选择Follow TCP stream,会看到以下窗口:
3. 显示以下内容:
- 客户端尝试浏览URI/poker-client/broadcast.htm(如截屏中1和3所示)
- URI通过http://www.888poker.com/poker-client/promotions.htm转发(截屏中2所示)
- 状态码为404 Not Found(如截屏中4所示)
Client errors:
Code
Status
Explanation
What to do
500
Internal server error
The web server encountered an unexpected condition that prevented it from carrying out the client request for access to the requested URL.
Response that is usually caused by a problem in your Perl code when a CGI program is run.
501
Not implemented
The request cannot be executed by the server.
A server problem.
502
Bad gateway
The server you're trying to reach is sending back errors.
A server problem.
503
Service unavailable
The service or file that is being requested is not currently available.
A server problem.
504
Gateway timeout
The gateway has timed out. This message is like the 408 timeout error, but this one occurs at the gateway of the server.
Server is down or nonresponsive.
505
HTTP version not supported
The HTTP protocol version that you want to use for communicating with the server is not supported by it.
Server does not support the HTTP version.
服务器不可用(错误代码503)可能有多种原因。以下示例是一个小办公室碰到的问题:员工能够访问Facebook,但当他们点击站点上的链接,则显示页面被拦截。以下截屏中,可看出页面被防火墙拦截:
工作原理:
标准的HTTP浏览模式如下:
- TCP打开连接(三路握手信号)
- HTTP发送GET命令
- 数据下载到浏览器
在一个网页打开多个连接的情况下(大多数网页都是如此)。每个连接需要一个DNS 查询,响应,TCP SYN-SYN/ACK-ACK,以及HTTP GET。之后数据才会出现在显示屏上。
当你在packet detail面板没有看到显示内容时,右键报文并选择Follow TCP stream,会看到连接的细节数据。另一个广泛应用的工具是Fiddler,Fiddler是HTTP故障排查的免费工具。
Network Analysis Using Wireshark Cookbook
Wireshark抓包实例分析HTTP问题
最新推荐文章于 2024-08-12 14:56:29 发布
https://community.emc.com/message/870552#870552