Trace a Network Fault - Packet Capturing Help...
So, we've got something generating a shed-load of traffic and killing our Internet connection. I've run a packet sniffer, but don't totally understand what I'm looking at, so was hoping for some help.
The only broadcasts detected (scanned from my PC and from the DC server, but can try elsewhere as people advise...) are ARP requests to/from the servers and Internet gateway, which are presumably okay. There are LOTS of bad SMB2 and TCP packets between my PC and the server with an "incorrect header checksum" which apparently might be caused by "IP checksum offload" - is that something to be concerned about?
I'll try port mirroring our Internet uplink too, since that seems to be where the issue is (that, or our Gig network is too fast for the bad packets/device to have a noticeable impact). That said, our DC server acts as DNS, so doesn't that mean that any Internet traffic would be visible from the server too?
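On the "incorrect header checksum" question in the post above, an added example (not part of the original post): with checksum offload the NIC fills in the checksum after the capture point, so a sniffer on the sending host sees an unfilled checksum on its own outgoing packets only. The sketch below verifies IPv4 header checksums and applies that rule as a heuristic; the addresses, sample headers and function names are constructed for illustration.

```python
import ipaddress
import struct

def fold(total: int) -> int:
    """Fold carries back in (one's-complement 16-bit sum, RFC 1071)."""
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def header_checksum_ok(header: bytes) -> bool:
    """A valid IPv4 header sums to 0xFFFF with its checksum field included."""
    ihl = (header[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(header) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    return fold(sum(struct.unpack(f"!{ihl // 2}H", header[:ihl]))) == 0xFFFF

def build_header(src: str, dst: str, fill_checksum: bool = True) -> bytes:
    """Constructed 20-byte TCP/IPv4 header; checksum left 0 to mimic offload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0x4000, 64, 6, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    if not fill_checksum:
        return hdr
    csum = ~fold(sum(struct.unpack("!10H", hdr))) & 0xFFFF
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]

def classify(headers, capture_host: str) -> str:
    """Heuristic (assumption): bad checksums only on the capture host's own
    outgoing packets point to offload; bad checksums from others do not."""
    bad_local = bad_remote = 0
    for h in headers:
        if header_checksum_ok(h):
            continue
        if str(ipaddress.IPv4Address(h[12:16])) == capture_host:
            bad_local += 1
        else:
            bad_remote += 1
    if bad_remote:
        return "investigate"
    return "likely-offload" if bad_local else "all-valid"

# Constructed sample: PC 192.0.2.10 talking to server 192.0.2.20.
PC, SERVER = "192.0.2.10", "192.0.2.20"
SAMPLE = [build_header(PC, SERVER, fill_checksum=False),   # sent by the PC
          build_header(SERVER, PC)]                        # received from server

if __name__ == "__main__":
    print(classify(SAMPLE, PC))
```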