Hi all,
Thought I share something about this. tcptrace generally gives the same graphs as ethereal (e.g steven's plot). However, the detail stats for the graph would be slightly different especially for retransmission and out-of-order packets. The out-of-order packets perceived by ethereal would be retransmission packets to tcptrace and at times vice versa as per what I've experienced. So in order to verify those packets, which are the true retransmissions and which are the true out-of-orders, I *manually* check these packets in both server and client captures by their sequence number. And I find that tcptrace gives the accurate interpretation of them.
It would be quite easy if you have only a few of retransmission or out-of-order packets to verify, but imagine if you have hundreds of them!
So anyone knows if there's a program to do this client-server packet comparison/matching based on sequence number? What I mean is I just simply load
the server and clients captures, run some commands and it will give output like how many packets are matched, how many occured twice etc.
Thanks.
Hansang Bae <hbae@xxxxxxxxxx> wrote:
On 05:57 PM 3/23/2006, George Nychis wrote:
>I have tons of data captured from tcpdump and have been analyzing it with Ethereal. I was wondering if there are any other good programs to use in conjunction with Ethereal to generate graphs... such as window size over a specific flow... or maybe the number of retransmission plotted against time... things as such.
tcptrace of course comes to mind. But Ethereal's, Statistics, IO Graph also has the ability to chart window sizes. For example: http://wiki.ethereal.com/TcpPduTime
hsb
_______________________________________________
Ethereal-users mailing
list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.