Hi, Question is related to delay calculation,lets say in a one session i have RTT of 1 ms and total time taken for session is 32 seconds due to delay,retransmission etc.Is there any way to find out total time taken by packets who have more than 10ms delay or accumulated time of all packets with more than 10ms delay.I can find out packets with more than 10ms delay with tcp.time_delta but it doesnt not show total time by all such packet but it just shows percentage of such packet.Help is really appreciated. asked 08 May '14, 00:25  kishan pandey |
One Answer:
You could filter for the tcp stream, export the packets as CSV and calculate the total delay in Excel or if you want something more complex use tshark in a script. For a quick sum under Linux try this command: answered 10 May '14, 11:09  Roland edited 10 May '14, 11:23 Thanks roland,can we do the same thing with tshark in windows (13 May '14, 23:10) kishan pandey You should be able to do it in PowerShell, but I don't know the exact syntax. (14 May '14, 09:31) Roland 2 Powershell: Define your limit and stream index:
Then execute:
Note I've switched to -Y for the filter expression as -R requires a (15 May '14, 03:11) grahamb ♦ Excellent,thanks graham,for your valuable help (16 May '14, 22:16) kishan pandey |
I'm sorry, but I don't understand what you are asking. As nobody answered, I'm probably not the only one.
Please add or more details or a better description of your 'problem'.
What i want to know is that in a one tcp stream if we do summary it shows us multiple details like total conversation time,bytes/sec,packets/sec etc but if i add a filter tcp.time_delta ge 0.200 and if i see summary again it only shows total no. of displayed packet but not the accumulated time of all those filtered packets.This is just to see that how much delay is being added by all packets with more than 200 ms delay.