This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

question about tcp rate

0

Hi

I want to know , if I have a captured traffic file for a day, how can reach the statistics of

MAXIMUM CONCURRENT TCP CONNECTIONS
MAXIMUM TCP CONNECTIONS PER SECOND
MAXIMUM HTTP CONNECTIONS PER SECOND
MAXIMUM HTTP TRANSACTIONS PER SECOND

thanks

asked 14 Apr '14, 22:00

mosa's gravatar image

mosa
11446
accept rate: 0%

edited 15 Apr '14, 01:32

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237

One Answer:

0

MAXIMUM CONCURRENT TCP CONNECTIONS

Not that easy to count in Wireshark, as there is no such functionality

MAXIMUM TCP CONNECTIONS PER SECOND

Take a look at IO graphs: Statistics -> IO Graph. Count the packet rate with SYN flags (Filter: tcp.flags eq 0x02). This will actually show connection attempts. If a connection fails (no SYN-ACK), it will be counted as well, but for 'statistics' this shouldn't be a problem.

MAXIMUM HTTP CONNECTIONS PER SECOND

Same as TCP CONNECTIONS PER SECOND, just for port 80 (Filter: tcp.port eq 80)

MAXIMUM HTTP TRANSACTIONS PER SECOND

Please define what a HTTP transaction is in your environment.

Regards
Kurt

answered 15 Apr '14, 01:36

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%