Wireshark · Wireshark-users: [Wireshark-users] Tshark smb query

Wireshark-users: [Wireshark-users] Tshark smb query

From: Tal Bar-Or <tbaror@xxxxxxxxx>

Date: Thu, 14 Oct 2010 14:41:08 +0200

Hello,

I have following output from Tshark trying to analyze SMB performance
E:\>tshark -r test.pcap -nqz smb,rtt

===================================================================
SMB RTT Statistics:
Filter:
Commands                   Calls   Min RTT   Max RTT   Avg RTT
Trans                          6   0.00025   0.00142   0.00064
Tree Disconnect                4   0.00012   0.00036   0.00023
Negotiate Protocol             2   0.00042   0.00042   0.00042
Session Setup AndX             3   0.00030   0.00131   0.00074
Logoff AndX                    2   0.00017   0.00055   0.00036
Tree Connect AndX              4   0.00013   0.00064   0.00031

Transaction2 Commands      Calls   Min RTT   Max RTT   Avg RTT
FIND_FIRST2                  194   0.00019   0.00033   0.00024
QUERY_PATH_INFO              428   0.00016   0.00198   0.00026
GET_DFS_REFERRAL               3   0.00019   0.00028   0.00024

NT Transaction Commands    Calls   Min RTT   Max RTT   Avg RTT
===================================================================

I would like to recognize which command is client side and which is server side to analyze source of latency

it will be grate if someone could help with this topic.

Thanks

Tal,

Follow-Ups:
- Re: [Wireshark-users] Tshark smb query
  - From: Guy Harris

Prev by Date: Re: [Wireshark-users] tshark filter
Next by Date: [Wireshark-users] display text representation of ldap.filter in tshark
Previous by thread: [Wireshark-users] Problem with XML Dissector
Next by thread: Re: [Wireshark-users] Tshark smb query
Index(es):
- Date
- Thread