Wireshark mailing list archives
Re: how to get round trip time and identify FIN-ACK and ACK pairs
From: Stuart Kendrick <skendric () fhcrc org>
Date: Tue, 26 Jun 2012 04:53:58 -0700
Hi Martin,
I've been following this thread with interest ... but I'm stumbling on
the solution you sketch.
I'm in IO Graphs, I've assigned the Filter "tcp.analysis.ack_rtt" to
Graph 1, and I see a chart which, for my trace, wanders around an
average value of ~400 for a Tick interval of .1s, ~40 for a Tick
interval of .01s, and ~4 for a Tick interval of .001s Glancing through
the trace ... I might buy the idea that time between ACKs averages ~40us
...
==> How do I know what units Wireshark is using on the y-axis?
Alternatively, perhaps you are suggesting a way to produce a CSV file
containing these RTT calculations, from which I could calculate AVG,
MEAN, MEDIAN, etc.
==> But I don't see how to do that, i.e. how to produce a CSV file
listing 'tcp.analysis.ack_rtt' for each ACK.
And perhaps I'm not following you at all
==> Would you elaborate on the analysis technique you sketched below?
--sk
Stuart Kendrick
FHCRC
On 6/21/2012 3:33 AM, Martin Isaksson wrote:
Hi, try the tcp.flags.fin==1, tcp.stream, tcp.analysis.ack_rtt and tcp.analysis.acks_frame fields. Regards, Martin ------------------------------------------------------------------------ *From:* wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] *On Behalf Of *esolve esolve *Sent:* den 21 juni 2012 12:01 *To:* wireshark-users () wireshark org *Subject:* Re: [Wireshark-users] how to get round trip time and identify FIN-ACK and ACK pairs so nobody has any idea? the intuitive idea is to use sequence number/ack number, but it may be a bit troublesome, any other ideas? thanks 2012/6/20 esolve esolve <esolvepolito () gmail com <mailto:esolvepolito () gmail com>> Hi, all, I want to get round trip time distribution from a pcap file. My idea is to compute each round trip time for each pair of data packets and ack packets. But the difficulty is to identify the pairs, namely, for each data packet(ack packet) I need to find the corresponding ack packet(data packet). How can I achieve this? Besides, for the find tcp tear-down process, how to identify each FIN-ACK and ACK pair? thanks! ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- how to get round trip time and identify FIN-ACK and ACK pairs esolve esolve (Jun 20)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs esolve esolve (Jun 21)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs nangergong (Jun 21)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs Martin Isaksson (Jun 21)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs Stuart Kendrick (Jun 26)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs Martin Isaksson (Jun 26)
- Re: how to get round trip time and identify FIN-ACK and ACK pairs esolve esolve (Jun 21)