 | 1 | initial version |
The RTT of a connection could be calculated if there is a protocol present that will give a good indication. Like a 3-way-handshake in TCP. Then the time between the SYN and the final ACK is a good indication of the RTT of the connection (regardless of where in the path you are making the capture). Wiireshark will report on that with the field tcp.analysis.initial_rtt (which can be found under TCP/[SEQ/ACK analysis]).
If there is no TCP traffic you will need to see if there is another Request/Response protocol for which you know the processing time on each end is minimal (otherwise you are measuring RTT + server response time). And then you need to take into account the place where you captured the packets. If you are close to the system sending the request, then you are OK. If you move the capture point towards the responder side of the connection, the RTT will of course become less and less accurate (to a point of being of no use).
So, in short, there is not an one-size-fits all way to find the RTT, but analyzing the packets in a trace might give you a very good indication.
