Wireshark-users: Re: [Wireshark-users] Fwd: sequence number and packet id
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Sat, 12 Apr 2008 16:44:59 -0700
Fabiana moreno wrote:
AHHHHHHHHHHHHHHHH!!!!!!!! Thanks!!! and if i want to calculate the end-to-end delay or latency of the packets, where end to end or latency mean; the time that takes the packet to travel from the server to the client, can i use something similar?... 
You can't use a single capture, if that's what you mean.
You can detect packet loss by capturing traffic on the *receiving* machine (capturing on the *sending* machine won't show you packets dropped by the network or by the receiving machine). 
You can't determine end-to-end latency without knowing the time when a 
particular packet was sent (which you would need to get from a capture 
on the sending machine) and the time when it was received (which you 
would need to get from a capture on the receiving machine).  You would 
need to look for packets in the sending capture and the receiving 
capture that have:

	the same source and destination IP addresses;

	the same source and destination UDP ports;

	the same RTP sequence number;


and compute the difference between the time stamp in the sending capture 
and the time stamp in the receiving capture.

(Note that if there's a NAT box between the sending and receiving 
machine, that won't work - you'd either have to find out what the NAT 
box did to the IP addresses and UDP ports, or assume that there's only 
*one* stream being received by the receiving machine.)