All geek questions in one place

Extract TCP Rounding Time (RTT) Estimates on Linux

I have an Apache server running on Ubuntu. The client connects and downloads the image. I need to extract RTT estimates for a basic TCP connection. Is there any way to do this? Maybe something like starting my tcp stack in debug mode so that it writes this information somewhere?

Please note that I do not want to run tcpdump and extract RTT from the recorded trace! I need RTT estimates of the TCP stack (apparently this is part of the information you can get with the TCP_INFO socket option). Basically, you need something like tcpprob (kprobe) to insert a hook and record the estimated RTT TCP connections for each incoming packet (or every change).

UPDATE

I have found a solution. rtt, the overload window, and more can be registered with tcpprobe. I posted the answer below.

+7
source share
2 answers

This can be done using tcpprobe , which is a module that inserts a hook into the tcp_recv processing path, using kprobe records the status of the TCP connection in response to incoming packets.

Suppose you want to check the tcp connection on port 443, you need to do the following:

sudo modprobe tcp_probe port=443 full=1 sudo chmod 444 /proc/net/tcpprobe cat /proc/net/tcpprobe > /tmp/output.out & pid=$!

full = 1 : enter each ack packet received

full = 0 : register only when the condo changes (if you use this, your output may be empty)

Now pid is the process that registers the probe. To stop, just kill this process:

 kill $pid

The format of output.out (according to source on line 198):

 [time][src][dst][length][snd_nxt][snd_una][snd_cwnd][ssthresh][snd_wnd][srtt][rcv_wnd]
+3
source

This can be done without any additional kernel modules using the ss command (part of the iproute package), which can provide detailed information about open sockets. It will not be displayed for each packet, but most of this information is calculated by the number of packets. For instance. To display a list of currently open TCP sockets (option t ) and related information on internal TCP ( i ) information, including congestion control algorithm, rtt , cwnd , etc.:

 ss -ti

Here is an example output:

 State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 192.168.56.102:ssh 192.168.56.1:46327 cubic wscale:6,7 rto:201 rtt:0.242/0.055 ato:40 mss:1448 rcvmss:1392 advmss:1448 cwnd:10 bytes_acked:33169 bytes_received:6069 segs_out:134 segs_in:214 send 478.7Mbps lastsnd:5 lastrcv:6 lastack:5 pacing_rate 955.4Mbps rcv_rtt:3 rcv_space:28960
0
source

Source: https://habr.com/ru/post/1241059/

More articles:


All Articles