Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
OK, thanks a lot for sharing those results. I get the same results for the normal ethernet interface. Thus, it seems there is good correlation between the ethereal logs and the MS-DOS responses for both ethernet and WLAN interfaces. For the USB interface there is still a mismatch between the ethereal timestamps and those presented in the MS-DOS window. I still don't have full understanding of this, although someone asked me to check how WinPcap gets its timestamps: something I haven't yet been able to do! Best Regards/Tomas -----Original Message----- From: ethereal-users-bounces@xxxxxxxxxxxx [mailto:ethereal-users-bounces@xxxxxxxxxxxx]On Behalf Of Al Stu Sent: den 7 oktober 2005 08:45 To: Ethereal user support Subject: Re: [Ethereal-users] Can I trust the timestamps This is on a WLAN interface rather than USB, but is definitely is NOT truncated to 10ms and appears to match very closely the DOS ping results (ethereal time is delta from previous packet). Pinging yahoo.com [66.94.234.13] with 32 bytes of data: Reply from 66.94.234.13: bytes=32 time=37ms TTL=52 Reply from 66.94.234.13: bytes=32 time=51ms TTL=51 Reply from 66.94.234.13: bytes=32 time=58ms TTL=52 Reply from 66.94.234.13: bytes=32 time=54ms TTL=51 No. Time Source Destination Protocol Info 1 0.003045 192.168.1.1 yahoo.com ICMP Echo (ping) request 2 0.037259 yahoo.com 192.168.1.101 ICMP Echo (ping) reply 3 0.967955 192.168.1.1 yahoo.com ICMP Echo (ping) request 4 0.051055 yahoo.com 192.168.1.101 ICMP Echo (ping) reply 5 0.950601 192.168.1.1 yahoo.com ICMP Echo (ping) request 6 0.058340 yahoo.com 192.168.1.101 ICMP Echo (ping) reply 7 0.943089 192.168.1.1 yahoo.com ICMP Echo (ping) request 8 0.053979 yahoo.com 192.168.1.101 ICMP Echo (ping) reply ----- Original Message ----- From: "Tomas Brännlund (KI/EAB)" <tomas.brannlund@xxxxxxxxxxxx> To: <ethereal-users@xxxxxxxxxxxx> Sent: Thursday, September 15, 2005 10:59 PM Subject: [Ethereal-users] Can I trust the timestamps Hello! I wonder if someone could help me with an Ethereal timestamping problem. We made some tests with a mobile terminal connected to a PC via USB. The mobile terminal was connected to internet. We ran ping tests from the computer and at the same time we logged the USB port with Ethereal. We ran the Ping tests from an MS-DOS window. When we compared the Ping result presented on the MS-DOS window with that logged with Ethereal there was a difference. It seemed like Ethereal truncated the result down to multiples of 10 milliseconds (rather: when taking the difference between ICMP request and response the difference was always multiples of 10ms). To give an example: the MS -DOS window could present results ranging from 90ms up to 120ms. There were no steps, i.e. all values between 90 and 120ms seemed to appear (e.g. 90ms, 92ms, 96ms, 99ms etc). When looking at the ethereal results, they showed either 80ms, 90ms or 110ms, in those exact steps. Could someone please explain this behaviour. I sent this question a few weeks ago without any response. But I am still hoping someone can help me! Thanks/Tomas Brannlund _______________________________________________ Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-users _______________________________________________ Ethereal-users mailing list Ethereal-users@xxxxxxxxxxxx http://www.ethereal.com/mailman/listinfo/ethereal-users
