Hello
Greetings!
I was wondering if Ethereal has the ability to show the time a packet takes
to traverse a network by comparing two capture files
If you have systems that implement the ICMP record Timestamp option, you could try a
data capture on ping packets with this option. Linux doesn't, freebsd might, your routers
- wont know until you try...
We are currently using Cisco's IPM to collect/report network latency. The
problem that I frequently run into is vendors blaming performance problems
on the network and won't accept that results of this information. They are
convinced that the network is doing something to their application only
either through the use of ACL's or QoS. The graphs that could be produced
be this type of comparison would be specific to the vendors application and
a little harder to argue with the results.
Steve
The answer is TCPTRACE
I would recommend setting a filter on the application data (ex: source/dest IP:port or
whatever), exporting to tcpdump format and using the tcptrace program to graph the time
sequence and rtt.
Rgrds