Re: Transmission Latency Calculation

[Ed Beroset <beroset () mindspring com>]

Christopher Maynard wrote:
> Herb Falk <herb@...> <Herb@...> writes:
>
> > I am creating a dissector that needs to be able to calculate the transmission
> latency of a packet.
> > The protocol being dissected has the timestamp of the “transmission”, I need
> to be able to gain access to the time of capture of wireshark in order to
> calculate the difference.  Anybody know an example/documentation pointer?

I haven't done that exactly, but have used the tcp ACK round trip time 
to get some indication of latency.  I then used the statistical package 
R to do further analysis.  To get that information into text format for 
the analysis, I used tshark:

tshark -r sample.pcap -Tfields -eframe.number -eip.src -etcp.srcport 
-eip.dst -etcp.dstport -etcp.analysis.ack_rtt > rtt.txt

> I believe pinfo->fd->abs_ts has what you're looking for.  But you'll need the
> clocks of the transmitting and capturing devices to be synchronized in order to
> obtain any meaningful latency calculations.

That's true.  A possibly useful discussion on this issue (with relevance 
particularly to NTP) is here: http://www.eecis.udel.edu/~mills/stamp.html

Ed
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
            mailto:wireshark-dev-request () wireshark org?subject=unsubscribe