top of page

Wireshark Week - Troubleshooting Performance in the Cloud

While the decision to move to the cloud rarely involves them, supporting end-user issues often falls to the network team. Migrating an application to a Virtual Private Cloud (VPC) could leave engineers in the dark, lacking visibility and insight to diagnose and resolve user issues. The good news is that with a bit of planning and some lateral thinking, we can still use packets to see into the cloud.


There are two main factors affecting our ability to analyse network traffic in a cloud environment. The first is component location:

  • Single Cloud - all components are hosted in a single VPC

  • Multicloud - where application components are hosted by more than one cloud provider

  • Hybrid - where some application components are retained onsite

The second complicating factor is the type of hosting or platform service used. These service types become progressively more abstract. Using Amazon Web Service (AWS) offerings as an illustration:

  • EC2 i3.metal - a bare metal server offering for customers with particular needs

  • EC2 - a virtual machine running Linux or Windows

  • Fargate - a managed Docker container service

  • Elastic Beanstalk - a managed application server

  • Lambda - serverless code execution

As we progress down the list we get further away from the underlying infrastructure. The situation is further complicated because as we move down this list there is a big increase in the dynamic nature of the application execution. Docker containers will start on one machine and may then move to another, and who knows where your Lambda application will run.

Is Packet Capture Needed?

Based on our experience at Advance7, the short answer is yes - packet capture is still needed. The cloud platform provides helpful tools but there are gaps. Here are three examples where we have needed packet captures:

  • Troubleshooting a web application performance problem caused by exceeding a remote file system quota

  • Troubleshooting slow execution of a Business Intelligence (BI) system running in a hybrid configuration

  • Determining why first access to a containerised workflow application threw 502 Gateway Timeout errors

Viavi Wireshark Week

Wireshark Week is a full week of webinars designed just for Wireshark users. This year, I'll be presenting alongside Chris Greer and Ross Bagurdes.

In my session I'll share strategies for using Wireshark in cloud situations to regain control of performance. We'll look at the practicalities of network packet capture and how this data can be supplemented with other information. We'll also look at using Wireshark traces to troubleshooting problems with SaaS applications such as Office 365 and Salesforce.

See for details of speakers and subjects.

bottom of page