Ask Your Question
0

How to get average rtt out of tcp conversation or import rtt values to the excel?

asked 2018-06-15 00:49:56 +0000

Alex275 gravatar image

Hello,

I want to get average rtt information from the certain tcp conversation. I know that is possible to see rtt from TCP Stream Graphs or I/O Graphs and estimate average based on this. But I want an accurate number for it.

And if there is no way get the average rtt in wireshark directly, is there way to import the rtt values used by Graphs to make calculations manually (excel).

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-06-15 05:00:49 +0000

NJL gravatar image

updated 2018-06-21 17:46:11 +0000

grahamb gravatar image

Hi,

You can use the IO graph with the "tcp.analysis.ack_rtt" display filter in the "Y field", select "AVG(Y Field)" in the "Y Axis" drop-down and choose display filter (to focus on the TCP session of interest), interval, Style etc. as you see fit. If you want to export it to Excel, you can click save As, and select it as .csv and the import it into Excel.

The same can be done using command line, with tshark:

tshark -Y "display-filter to focus on the TCP session of interest" -r <inputfile> -Tfields -e "tcp.analysis.ack_rtt"

This will print the ACK_RTT values and you can then export that to a file and again import it into Excel.

edit flag offensive delete link more

Comments

Thanks for replies. As I understand, tcp.analysis.ackrtt takes only acknowledgement RTTs. But after filtering tcp.analysis.ackrtt a get number of results less than the number of acknowledgements I got.
Could we say that avg rtt among all ack packets is avg rtt of all packets in the conversation?

Alex275 gravatar imageAlex275 ( 2018-06-22 01:57:50 +0000 )edit

Not entirely sure what you mean. Are you able to share the capture file?

NJL gravatar imageNJL ( 2018-06-22 09:10:33 +0000 )edit

Sorry, probably my misunderstanding. The number of ACK is ok. But my server has sent 65084 packets and received 427 571 packets back.

https://drive.google.com/open?id=1xwe...

And the number of ACK RTT that I got after using tshark command as you send was ~11000. Average RTT there was equal 111ms. But from TCP Stream Graph it doesn't look like this correct rtt.

https://drive.google.com/open?id=1Rie...

Alex275 gravatar imageAlex275 ( 2018-06-24 07:26:57 +0000 )edit

I would appreciate the full capture file if I am to help you analyze this as I much prefer it to screen captures. If the capture contains sensitive/confidential data, you can sanitize it with TraceWrangler.

NJL gravatar imageNJL ( 2018-06-29 18:05:37 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2018-06-15 00:49:56 +0000

Seen: 5,797 times

Last updated: Jun 21 '18

Related questions

ACK_RTT for packet send from server

how to measure network and server latency

What is wrong with my internets?!

Creating a RTT Graph

Need to analyze TCP congestion and latency related issues

Performance issue with SQL based application, suspect client side connectivity.

How to switch Mac OS NIC to monitor mode during use internet

Analyzing in Excel

Problems while exporting to csv

Wireshark equivalent of TSecr?