This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

QoS in TCP and UDP protocol

0

I have two files of captured traffic in wireshark. at the source (say 192.168.100.1) and the other is on the destination (192.168.100.6) and I want to ask you some questions about the QoS parameters in wireshark. end-to-end delay, jitter, throughput, and packet loss.

I have two scenarios, transfer files between computers and a video streaming using VLC (via RTSP protocol)

I believe that the file transfer use TCP protocol and video streaming use UDP and RTP protocol.

so far,

  • Transfer files (TCP)

throughput - in the Statistics -> Summary (done)

end-to-end delay, jitter, packet loss - I have no idea how to find that parameters.

  • video streaming (RTP)

throughput - Statistics -> Summary (done)

packet loss - Telephony -> RTP -> Show all streams

detected two RTP streams, <5% packet loss and the other has >40% packet loss (which one is correct?)

jitter and max delta has a value of 0 (is there another way to find this?) is this correct for an RTP protocol?

end-to-end delay - I have no idea how to find this parameter

Is there a way to find these missing parameters? I hope to get an answer here because I already posted a question before but did not get a response.

asked 25 Dec '14, 07:28

aikaza's gravatar image

aikaza
11224
accept rate: 0%

One Answer:

1

As Wireshark is primarily intended for network packet dissection its capabilities for high level analysis are somewhat limited. Anything that needs information from both captures it cannot analyze for you. Some protocols have relevant information in their information stream which helps analysis (eg. TCP retransmissions, RTP sequence numbering). If we go through these itemized:

  • TCP throughput: that can be derived from the protocol interaction at a single endpoint, hence is available.
  • TCP e2e delay, jitter, packet loss: Hard to do based on a single capture, apart from the packet loss maybe, as retransmissions would indicate as such. Not aware of a ready made analysis function right now.
  • RTP throughput: that can be derived from the protocol interaction at a single endpoint, hence is available.
  • RTP packet loss: Be aware, you use an Telephony analysis feature for video, that doesn't work. Unfortunately the RTP statistics are not profile aware and geared towards telephony only. And even then only the simplest cases.
  • RTP e2e delay: Hard to do based on a single capture.

So, even though it doesn't help you in the short run, it shows you that you need to go and understand how the analysis is done. Then, with the exported raw data, you could setup the analysis from that.

answered 25 Dec '14, 07:59

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Thanks Jaap for your quick answer.

I apologize for the lack of information on my question. I mean I have two files (as a server and client) in both scenarios, so I have a total of 4 files.

Related to packet loss, do I really have packet loss if the retransmission successfully sent to the destination?

Since I have two files are needed, what parameters should be considered to obtain e2e delay, packet loss and jitter both TCP and RTP?

Last but not the least, where I can find the RTP packet loss and jitter other than through telephony analysis?

(25 Dec '14, 09:42) aikaza