In a previous post on jperf, I wrote about using jperf to check network performance. In a later post, I mentioned using filters on Wireshark to analyze traffic. Combining jperf with Wireshark gives you (respectively) a tool to simulate network traffic and a tool to probe and capture what is taking place on the network whilst the simulation is running. This post gives a short example on how to use both tools.First a brief recap: jperf needs two computers: one to act as the server and one as the client. The server end can be setup as per Figure A.
Click on images to enlarge.
You can change the parameters once you've had a few run-throughs, but for the purpose of this example, we'll leave them as they are. In this case we want to check on TCP throughput. This simulates perhaps an ftp connection, or an http page load.On the client laptop (which, in this case, was a Linux netbook) jperf ran for 10 seconds (the default). A Wireshark capture session was also started just prior to the jperf transmission. Figure B shows the jperf screen from the client side. In this case, the server IP address was 192.168.250.2. Figure C shows the actual capture.
Note the TCP three-way handshake starts in line 29 of this capture. The relevant parts of the three-way handshake have been circled. After the connection is established, the data starts to flow from line 35. In this case, 1514 byte frames are being used. We can also see the source and the destination IP. Note that this connection is simulating a TCP connection, rather than a UDP connection.
We can use this to provide an estimate of throughput. In this case, we can see that the throughput is relatively constant over the period of transmission. One word of warning: Wireshark was designed more with network troubleshooting in mind, so the graphing functions are designed more to assist in pinpointing a problem than in providing graphs for general use.
This post has looked briefly at a combination of jperf and Wireshark. Jperf can be used to simulate a TCP connection (such as ftp) or a UDP connection (such as VoIP). Wireshark can be used to check on the frames that are being sent over the network by the simulation.
Scott Reeves has worked for Hewlett Packard on HP-UX servers and SANs, and has worked in similar areas in the past at IBM. Currently he works as an independent IT consultant, specializing in Wi-Fi networks and SANs.