Ethereal-users: RE: [Ethereal-users] Ethereal Response time measuring

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Steve Jones <sjones@xxxxxxxxxx>
Date: Thu, 31 Jul 2003 17:16:31 -0400
OK..  How's this for a theory...

I took my data set, which is a 300+ meg capture, and I ran the Ethereal
"Round Trip Time" graph, and the highest part of the scale is "0.2" which I
assume is measured in seconds.  Can I assume that what this is measuring is
the time between a TCP packet and the TCP acknowledge time of the same
particular packet going in one direction?  

If so, and the time did not go over 0.2 seconds in my two day capture, and
the users have experienced terrible response time during the same period, is
it reasonable to assume that the delay must have been in the processing in
the box?  

Thanks again in advance for letting me bounce ideas off of the experts!!!

-Steve

-----Original Message-----
From: Guy Harris [mailto:guy@xxxxxxxxxxxx] 
Sent: Thursday, July 31, 2003 2:49 PM
To: Steve Jones
Cc: 'ethereal-users@xxxxxxxxxxxx'
Subject: Re: [Ethereal-users] Ethereal Response time measuring


On Thursday, July 31, 2003, at 10:49 AM, Steve Jones wrote:

> I've got a Unix host that I do not control, but suspect that 
> performance problems are happening due to it being bogged down.  I 
> have successfully set up Ethereal to capture all telnet traffic, and 
> have aLOTof data to weed through. I saw on the web page that the 
> latest version has a function to report "response time" but I couldn't 
> find anything specific in the man pages to help with what I'm trying 
> to detect.

Unfortunately, it only reports response time for some protocols - and 
Telnet isn't one of them.  That's because Telnet isn't (other than when 
it's doing negotiation) a request/response protocol; it has no idea 
that, for example, a given character going in one direction is an echo 
of a character going in the other direction, and should be treated as a 
response to that character.  (It gets harder if multiple characters go 
in a single TCP segment and the corresponding characters weren't in a 
single TCP segment.)

I don't know, offhand, of any good way to do what you're trying to do.  
That doesn't mean it doesn't exist, it just means somebody else will 
have to be the one to suggest it; perhaps somebody will.