How to get min / avg / var rtt for all TCP connections in Linux?

I am trying to implement software that monitors open TCP connections and classifies them based on their TCP round-trip time estimates on Linux. I am looking for information similar to what nettop shows on MacOS X.

$ nettop -m tcp 

It shows a list of open connections by the process that owns them. It includes the current round-trip time minimum, average and variance estimates for each connection.

To listen to your own program's connections, you can do something like http://linuxgazette.net/136/pfeiffer.html, but I'm looking for something like nettop, which shows information for all the connections on the machine. On OS X that does not require root access, but it is fine if the answer does.

I would prefer a version compatible with Python, but if it is not available, I can live with C. If there is an existing command line utility such as nettop for Linux, this is also interesting.

Related:

  • Wikipedia: Karn's algorithm

2 answers

If you want to do this with your own code, you can look at the output of libpcap or tcpdump, compare the timestamps of the packets with corresponding sequence and ack numbers, and average the values over the last few seconds.

    12:19:39.331248 IP 10.0.60.243.ssh > 192.168.50.22.21950: P 11952:12180(228)
    12:19:39.331388 IP 10.0.60.243.ssh > 192.168.50.22.21950: P 12328:12476(148)
    12:19:39.380981 IP 192.168.50.22.21950 > 10.0.60.243.ssh: . ack 11952 win 65535
    12:19:39.381039 IP 10.0.60.243.ssh > 192.168.50.22.21950: P 12624:12772(148)
    12:19:39.381054 IP 192.168.50.22.21950 > 10.0.60.243.ssh: . ack 12328 win 65159
    12:19:39.381058 IP 192.168.50.22.21950 > 10.0.60.243.ssh: . ack 12624 win 64863

That would be about 50 ms rtt


Some of this information is available from the command:

 ss -i -t 

Source: https://habr.com/ru/post/1395447/
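
As an added example (not code from either answer), the per-connection `rtt:<average>/<mean deviation>` and `minrtt:` fields that `ss -i -t` prints can be parsed in Python to get the min / avg / var values the question asks for. The sample output is constructed, and the function names and the `classify` thresholds are assumptions made for illustration.

```python
import re
import subprocess

# Constructed sample of `ss -tin` output (not captured from a real host).
SAMPLE = """\
State  Recv-Q Send-Q  Local Address:Port   Peer Address:Port
ESTAB  0      0       10.0.60.243:22       192.168.50.22:21950
\t cubic wscale:6,7 rto:252 rtt:50.5/3.25 ato:40 mss:1448 cwnd:10 rcv_rtt:52 minrtt:49.8
ESTAB  0      0       10.0.60.243:43210    10.0.60.1:443
\t cubic wscale:7,7 rto:204 rtt:0.412/0.08 mss:1448 cwnd:10 minrtt:0.35
LISTEN 0      128     0.0.0.0:22           0.0.0.0:*
"""

# \b keeps "rtt:" from matching inside "minrtt:" or "rcv_rtt:".
RTT = re.compile(r"\brtt:([\d.]+)/([\d.]+)")   # average rtt / mean deviation, ms
MINRTT = re.compile(r"\bminrtt:([\d.]+)")      # minimum rtt, ms

def parse_ss(text):
    """Return one dict per socket that reports an rtt estimate."""
    conns, current = [], None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if not line[0].isspace():      # socket row; details follow indented
            ok = len(fields) >= 5 and fields[1].isdigit()   # skips the header
            current = ({"state": fields[0], "local": fields[3],
                        "peer": fields[4]} if ok else None)
        m = RTT.search(line)           # also works if details share the row
        if current is not None and m:
            mn = MINRTT.search(line)
            current.update(avg=float(m.group(1)), var=float(m.group(2)),
                           min=float(mn.group(1)) if mn else None)
            conns.append(current)
            current = None
    return conns

def classify(avg_ms, near_ms=1.0, far_ms=100.0):
    """Bucket a connection by average rtt; the thresholds are assumptions."""
    return "near" if avg_ms < near_ms else "mid" if avg_ms < far_ms else "far"

def snapshot():
    """Run ss for all TCP sockets (-n: numeric addresses) and parse it."""
    out = subprocess.run(["ss", "-tin"], capture_output=True,
                         text=True, check=True).stdout
    return parse_ss(out)

if __name__ == "__main__":
    for c in parse_ss(SAMPLE):
        print(c["peer"], c["min"], c["avg"], c["var"], classify(c["avg"]))
```

Calling `snapshot()` on a Linux host returns the same structure for the live connection table; sockets without an `rtt:` field, such as listeners, are left out.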

