Re: tcptrace Time Sequence Graphs

From: Shawn Ostermann (sdo@picard.cs.ohiou.edu)
Date: 01/10/05

• Next message: Paul Hyder: "Re: tcptrace Time Sequence Graphs"
• Previous message: YogB: "Re: tcptrace Time Sequence Graphs"
• In reply to: Vaishnavi Sannidhanam: "tcptrace Time Sequence Graphs"
• Next in thread: Ruhai Wang: "tcptrace How to Plot the Overall Averages ONLY for TPG and CWIN?"
• Reply: Ruhai Wang: "tcptrace How to Plot the Overall Averages ONLY for TPG and CWIN?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Subject: Re: tcptrace Time Sequence Graphs 
Date: Mon, 10 Jan 2005 11:24:20 -0500
From: Shawn Ostermann <sdo@picard.cs.ohiou.edu>
Message-Id: <20050110162421.0745645507E@picard.cs.ohiou.edu>

Vaishnavi Sannidhanam <vaishu@cs.washington.edu> wrote:

> I am plotting time sequence graphs of a tcp dump file. I am not quite sure
> as to what the green line gives....The user manual says that "Green Line
> keeps track of the ACK values received from the other endpoint". If I look
> at the graph I am getting, it appears as if, the other end point keeps on
> sending out a bunch of acks for a single seq no. I am attaching that file
> along with this mail. Please let me know if this is what it is saying.
>
> Also I was wondering what are a2b files and b2a files if I do a tcpdump just
> on the receiver?

I'll answer the 2nd question first. TCP provides a duplex protocol and
can be used for sending data in both directions. Because the mechanisms
that control the reliability and flow of data in those directions are
largely separate, for a connection between 'a' and 'b', tcptrace gives
information about the flow of data from a->b (in a2b) and b->a (in b2a).

There isn't enough information about the connection in the graph that
you sent to know much about the transfer that you're trying to
understand. The green line is indeed the acknowledgment line. That's
the receiver's way of say "yes, I got all of the data up through
sequence X". Because I'm seeing quite a few ACKs for the same sequence
number, I assume that you're looking at half of a duplex conversation
where most of the data is flowing in the OTHER direction. TCP includes
an ACK in every segment (except the first) whether it's useful or not,
so I would guess that most of those ACKs (the ticks on the green line)
are being carried along with DATA from the other side. Occasionally,
the side that you're looking at sends a little data too (since the green
line is moving up).

I hope that helps!

Shawn

-- 
-------------------------------------------------------------------------------
       Dr. Shawn Ostermann  -  EECS Department Chair  -  Ohio University
	 330 Stocker Center, Ohio University, Athens, Ohio  45701-2979
    ostermann@eecs.ohiou.edu -- FAX: (740)593-0007 -- Voice: (740)593-1566
 http://www.eecs.ohiou.edu/faculty/ostermann.html   http://www.eecs.ohiou.edu
				   

----------------------------------------------------------------------------
To unsubscribe, send a message with body containing "unsubscribe tcptrace" to
majordomo@tcptrace.org.

• application/pgp-signature attachment: stored

• Next message: Paul Hyder: "Re: tcptrace Time Sequence Graphs"
• Previous message: YogB: "Re: tcptrace Time Sequence Graphs"
• In reply to: Vaishnavi Sannidhanam: "tcptrace Time Sequence Graphs"
• Next in thread: Ruhai Wang: "tcptrace How to Plot the Overall Averages ONLY for TPG and CWIN?"
• Reply: Ruhai Wang: "tcptrace How to Plot the Overall Averages ONLY for TPG and CWIN?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : 01/10/05 EST