linuxsocketstcplinux-kernelcubic

Extract TCP round trip time (RTT) estimations on linux


I have apache server running on Ubuntu. Client connects and downloads an image. I need to extract RTT estimations for the underlying TCP connection. Is there a way to do this? Maybe something like running my tcp stack in debug mode to have it log this info somewhere?

Note that I don't want to run tcpdump and extract RTTs from the recorded trace! I need the TCP stack's RTT estimations (apparently this is part of the info you can get with TCP_INFO socket option). Basically need something like tcpprob (kprobe) to insert a hook and record the estimated RTT of the TCP connection on every incoming packet (or on every change).

UPDATE:

I found a solution. rtt, congestion window and more can be logged using tcpprobe. I posted an answer below.


Solution

  • This can be done using tcpprobe, which is a module that inserts a hook into the tcp_recv processing path using kprobe records the state of a TCP connection in response to incoming packets.

    Let's say you want to probe tcp connection on port 443, you need to do the following:

    sudo modprobe tcp_probe port=443 full=1
    sudo chmod 444 /proc/net/tcpprobe
    cat /proc/net/tcpprobe > /tmp/output.out &
    pid=$!
    

    full=1: log on every ack packet received

    full=0: log on only condo changes (if you use this your output might be empty)

    Now pid is the process which is logging the probe. To stop, simply kill this process:

    kill $pid
    

    The format of output.out (according to the source at line 198):

    [time][src][dst][length][snd_nxt][snd_una][snd_cwnd][ssthresh][snd_wnd][srtt][rcv_wnd]