Solved

(urgent) Ethereal TCP Throughput Graph calculation

Posted on 2003-10-29
9
1,202 Views
Last Modified: 2013-11-29
Ethereal can show a graph of the throughput of a singe TCP connection. How is the Y value of each dot calculated?
I know this is an application question but it seemed more likely that the networking experts would be able to answer this one.

I googled and found similar questions, but never any answer to them.

I figured out the following already:
- every dot represents an incoming packet
- the Y value is NOT the packet size divided by the time elapsed since the last packet arrived.
- the first 20 Y values are "simply" the average so far: Y-value = ((packet number) * 524) / (X-value)
  (you may assume that all packets are size 524)

So if the first packet arrived after 1 sec, the Y is 524 Bytes/sec. If the second then arrives at X = 1.44 sec, the Y-value is 2*524 / 1.44 = 727 Bytes / sec.

But the formula results start to differ after about 20 packets. I thought about a sliding window that averages the last 20 packets and tried the following:
etime = this packet arrival time
stime = arrival time of (this packet number - 20)
if packetnumber > 20
Y-value = 20 * 524 / (etime - stime)

Thereby averaging over the interval of the last 20 packets, but that formula also fails when applied to the following values that I see in my graph:
pkt number   -   pkt arrival time   -  graph value (read from screen)
1    - 1.03    - 524
2    - 1.44    - 730
3    - 2.55    - 630
4    - 2.66    - 790
5    - 3.06    - 860
..
20   - 7.29   - 1437
21   - 7.53   - 1462
22   - 7.74   - 1669
23   - 8.11   - 1627
24   - 8.33   - 1674
25   - 8.53   - 1905

It feels like I'm close, does anyone know what the actual formula is or can anyone think of a formula that will closely estimate the values I read from the graph?

I'm gonna look at the source code now, but that might take me a while..
0
Comment
Question by:OnixExp
  • 4
  • 3
9 Comments
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
0
 
LVL 4

Author Comment

by:OnixExp
Comment Utility
That's exactly where I found the two questions posted in 2002 and 2003 that both received no answer at all so I'm not very hopeful that it will give any result at all :(
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
Have you checked in their developer mailing list?
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 4

Author Comment

by:OnixExp
Comment Utility
Nope, I just googled. Looking at the source code I found the answer I believe though. They are indeed sliding an averaging window of 20 packets over the connection and calculating from there. I'm gonna redo my calculations to see why it didn't come out like I first thought it should.
0
 
LVL 4

Accepted Solution

by:
OnixExp earned 0 total points
Comment Utility
Okay, figured it out for who's interested. Technically the source also counts the SYN and last ACK from the handshake. But for some reason the averaging is done over 22 packets, not 20. That means a general formula that assumes all packet sizes are 524 can only be applied to packet number 24 and over (because the last 22 are measured, and the first two are zero).

The Y value of packet(nr) is therefore calculated as:

(nr <= 22, and numbering starts at 1):
(nr - 2)*524 / arrival_time(nr)

special SYN/ACK case (22 < nr <= 24):
(nr - 2)*524 / (arrival_time(nr) - arrival_time(nr-22))

formula (nr>24):
22 * 524  / (arrival_time(nr) - arrival_time(nr-22))

To verify, my original numbering scheme needs to be adjusted to take into account the SYN and ACK that are being counted too:
1    - 0     (SYN)
2    - 0.8  (ACK)
3    - 1.03    - 524  ~ ((3-2)*524)/1.03
4    - 1.44    - 730  ~ ((4-2)*524)/1.44
5    - 2.48    - 630  ~ ((5-2)*524)/2.48
..
22   - 7.29   - 1437
-------------------- (special case)
23   - 7.53   - 1462  ~  (23-2)*524 / (7.53 - 0)   = 1461  OK
24   - 7.74   - 1669  ~  (24-2)*524 / (7.74 - 0.8) = 1661 OK
-------------------- (formula)
25   - 8.11   - 1627  ~  524 * 22 / (8.11 - 1.03) = 1628  OK
26   - 8.33   - 1674  ~  524 * 22 / (8.33 - 1.44) = 1673  OK
27   - 8.53   - 1905  ~  524 * 22 / (8.53 - 2.48) = 1906  OK
0
 
LVL 4

Author Comment

by:OnixExp
Comment Utility
D'oh, no need for special case:
1    - 0     (SYN)
2    - 0.8  (ACK)
3    - 1.03    - 524  ~ ((3-2)*524)/1.03
4    - 1.44    - 730  ~ ((4-2)*524)/1.44
5    - 2.48    - 630  ~ ((5-2)*524)/2.48
..
22   - 7.29   - 1437  ~  (22-2)*524/7.29
23   - 7.53   - 1462  ~  (23-2)*524/7.53 = 1461  OK
-------------------- (formula)
24   - 7.74   - 1669  ~  524 * 22 / (7.74 - 0.8) = 1661 OK
25   - 8.11   - 1627  ~  524 * 22 / (8.11 - 1.03) = 1628  OK
26   - 8.33   - 1674  ~  524 * 22 / (8.33 - 1.44) = 1673  OK
27   - 8.53   - 1905  ~  524 * 22 / (8.53 - 2.48) = 1906  OK
0
 
LVL 35

Expert Comment

by:ShineOn
Comment Utility
PAQ and refund sounds like a plan.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now