tcptrace gives quite a nice summary complementary to the detailed view that wireshark gives you. Here's the -l output on this file:
wget_bazaar.lp.net-short.pcap: 3000 100% (0:00:35.485313)
3000 packets seen, 3000 TCP packets traced
elapsed wallclock time: 0:00:05.063794, 592 pkts/sec analyzed
trace file elapsed time: 0:00:35.485839
first packet: Fri Jun 18 07:44:03.868056 2010
last packet: Fri Jun 18 07:44:39.353895 2010
TCP connection info:
1 TCP connection traced:
TCP connection 1:
host a: 192.168.2.16:57288
host b: crowberry.canonical.com:80
complete conn: no (SYNs: 2) (FINs: 0)
first packet: Fri Jun 18 07:44:03.868056 2010
last packet: Fri Jun 18 07:44:39.353895 2010
elapsed time: 0:00:35.485839
total packets: 3000
filename: wget_bazaar.lp.net-short.pcap
a->b: b->a:
total packets: 1085 total packets: 1915
ack pkts sent: 1084 ack pkts sent: 1915
pure acks sent: 1083 pure acks sent: 1
sack pkts sent: 403 sack pkts sent: 0
dsack pkts sent: 3 dsack pkts sent: 0
max sack blks/ack: 2 max sack blks/ack: 0
unique bytes sent: 188 unique bytes sent: 2745919
actual data pkts: 1 actual data pkts: 1913
actual data bytes: 188 actual data bytes: 2750275
rexmt data pkts: 0 rexmt data pkts: 3
rexmt data bytes: 0 rexmt data bytes: 4356
zwnd probe pkts: 0 zwnd probe pkts: 0
zwnd probe bytes: 0 zwnd probe bytes: 0
outoforder pkts: 0 outoforder pkts: 390
pushed data pkts: 1 pushed data pkts: 20
SYN/FIN pkts sent: 1/0 SYN/FIN pkts sent: 1/0
req 1323 ws/ts: Y/N req 1323 ws/ts: Y/N
adv wind scale: 2 adv wind scale: 7
req sack: Y req sack: Y
sacks sent: 403 sacks sent: 0
urgent data pkts: 0 pkts urgent data pkts: 0 pkts
urgent data bytes: 0 bytes urgent data bytes: 0 bytes
mss requested: 1460 bytes mss requested: 1460 bytes
max segm size: 188 bytes max segm size: 1452 bytes
min segm size: 188 bytes min segm size: 8 bytes
avg segm size: 187 bytes avg segm size: 1437 bytes
max win adv: 261340 bytes max win adv: 6912 bytes
min win adv: 16068 bytes min win adv: 6912 bytes
zero win adv: 0 times zero win adv: 0 times
avg win adv: 180585 bytes avg win adv: 6912 bytes
initial window: 188 bytes initial window: 2904 bytes
initial window: 1 pkts initial window: 2 pkts
ttl stream length: NA ttl stream length: NA
missed data: NA missed data: NA
truncated data: 0 bytes truncated data: 0 bytes
truncated packets: 0 pkts truncated packets: 0 pkts
data xmit time: 0.000 secs data xmit time: 35.138 secs
idletime max: 410.2 ms idletime max: 410.3 ms
throughput: 5 Bps throughput: 77381 Bps
Nothing stands out as particularly bad to me (I may be missing something) except there are a surprising number of out of order packets, but they are mostly causing SACK rather than retransmission.
tcptrace gives quite a nice summary complementary to the detailed view that wireshark gives you. Here's the -l output on this file:
wget_bazaar. lp.net- short.pcap: 3000 100% (0:00:35.485313) canonical. com:80 lp.net- short.pcap
3000 packets seen, 3000 TCP packets traced
elapsed wallclock time: 0:00:05.063794, 592 pkts/sec analyzed
trace file elapsed time: 0:00:35.485839
first packet: Fri Jun 18 07:44:03.868056 2010
last packet: Fri Jun 18 07:44:39.353895 2010
TCP connection info:
1 TCP connection traced:
TCP connection 1:
host a: 192.168.2.16:57288
host b: crowberry.
complete conn: no (SYNs: 2) (FINs: 0)
first packet: Fri Jun 18 07:44:03.868056 2010
last packet: Fri Jun 18 07:44:39.353895 2010
elapsed time: 0:00:35.485839
total packets: 3000
filename: wget_bazaar.
a->b: b->a:
total packets: 1085 total packets: 1915
ack pkts sent: 1084 ack pkts sent: 1915
pure acks sent: 1083 pure acks sent: 1
sack pkts sent: 403 sack pkts sent: 0
dsack pkts sent: 3 dsack pkts sent: 0
max sack blks/ack: 2 max sack blks/ack: 0
unique bytes sent: 188 unique bytes sent: 2745919
actual data pkts: 1 actual data pkts: 1913
actual data bytes: 188 actual data bytes: 2750275
rexmt data pkts: 0 rexmt data pkts: 3
rexmt data bytes: 0 rexmt data bytes: 4356
zwnd probe pkts: 0 zwnd probe pkts: 0
zwnd probe bytes: 0 zwnd probe bytes: 0
outoforder pkts: 0 outoforder pkts: 390
pushed data pkts: 1 pushed data pkts: 20
SYN/FIN pkts sent: 1/0 SYN/FIN pkts sent: 1/0
req 1323 ws/ts: Y/N req 1323 ws/ts: Y/N
adv wind scale: 2 adv wind scale: 7
req sack: Y req sack: Y
sacks sent: 403 sacks sent: 0
urgent data pkts: 0 pkts urgent data pkts: 0 pkts
urgent data bytes: 0 bytes urgent data bytes: 0 bytes
mss requested: 1460 bytes mss requested: 1460 bytes
max segm size: 188 bytes max segm size: 1452 bytes
min segm size: 188 bytes min segm size: 8 bytes
avg segm size: 187 bytes avg segm size: 1437 bytes
max win adv: 261340 bytes max win adv: 6912 bytes
min win adv: 16068 bytes min win adv: 6912 bytes
zero win adv: 0 times zero win adv: 0 times
avg win adv: 180585 bytes avg win adv: 6912 bytes
initial window: 188 bytes initial window: 2904 bytes
initial window: 1 pkts initial window: 2 pkts
ttl stream length: NA ttl stream length: NA
missed data: NA missed data: NA
truncated data: 0 bytes truncated data: 0 bytes
truncated packets: 0 pkts truncated packets: 0 pkts
data xmit time: 0.000 secs data xmit time: 35.138 secs
idletime max: 410.2 ms idletime max: 410.3 ms
throughput: 5 Bps throughput: 77381 Bps
Nothing stands out as particularly bad to me (I may be missing something) except there are a surprising number of out of order packets, but they are mostly causing SACK rather than retransmission.