Using tcpdump to Pinpoint Online Network Anomalies
This guide explains how tcpdump, built on libpcap and the kernel BPF filter, can capture packets at the network stack, and compares it with Wireshark. It covers practical filtering syntax, performance considerations, and typical use cases such as TCP retransmission, DNS timeouts and TLS handshake failures, and provides scripts and best-practice recommendations for production-grade troubleshooting.
