For viewing TCP stream graph statistics, do the following:
- Click on a packet on the stream you want to monitor.
The TCP stream shows a directional graph, so when you click on a packet, it should be in the direction in which you want to view the statistics. If, for example, you download a file, and you want to view the download statistics, click on a packet on the download direction.
- From the Statistics menu, choose TCP Stream Graphs | Time Sequence Graph (Stevens).
The following window will open:
The graph shows the progress of the amount of byte transference over time. In this example, we can see a continuous diagonal line, with some plateaus in the transfer.
The Y-Axis in the graph is for sequence numbers, while in the graph I wrote packets/second graph. It actually means the same—each dot in the graph refers to a packet, when its value is the first sequence number in the TCP packet (see in the How it works... section later in this recipe).
In Chapter 10, Network Layer Protocols and Operations, we will learn what this graph indicates, and some cases that it helps to solve.
- In the case of a file transfer, to measure its throughput, simply calculate the bytes transferred in a unit of time, as seen in the following screenshot:
- We can see that the transfer rate is 350,000 bytes in 6 seconds—that is roughly 58,000 bytes/second, or 58 kilobits/second.
- By default, the Drags checkbox, in the lower-left corner of the stream graph menu, is checked. In this case, you can drag the graph up/down or stretch the x axis-y axis right/left. For example, we can use this feature to move the graph closer to the y axis to see a specific value.
With when the Mouse checkbox is set to drag, you can use Ctrl + the mouse wheel to zoom in and out on the TCP stream graph.
- When we check the Zoom checkbox, to the right of the Mouse checkbox, we change the setting to zoom. In the next screenshot, we can see how we can zoom-in twice to the graph to get more details on a specific time period—in this case, we are looking at a point in time that is roughly between 16 to 19 seconds since capture started:
- The other graph configuration buttons are as follows:
- Type of graph (lower-left corner, right above the drag/zoom checkboxes). You can choose between the various types of TCP graphs (shown in the following screenshot): Time / Sequence (Stevens), Round Trip Time, Throughput, Time / Sequence (tcptrace), Window Scaling.
-
- Stream number, on the lower-right corner of the window. This shows the number of the stream in the capture file.
- Switch direction, to the right of the stream number. Clicking on this shows the opposite direction of the stream. If we choose a stream direction on the download from the server to us, the opposite direction is the packets on the same stream on the way back from us to the server—in this case, the acknowledgments.
- Reset, below the Switch Direction checkbox. This brings the graph back to the default view.
- Help brings up the software manual.
- Save As... saves the graph in the .pdf, .png, .bmp, or .jpg formats.