Skip to content

Store link-layer timestamp in icmp_echo_time module#726

Merged
zakird merged 1 commit intozmap:mainfrom
maxmouchet:store-recv-timestamp
Aug 28, 2023
Merged

Store link-layer timestamp in icmp_echo_time module#726
zakird merged 1 commit intozmap:mainfrom
maxmouchet:store-recv-timestamp

Conversation

@maxmouchet
Copy link
Contributor

@maxmouchet maxmouchet commented Aug 18, 2023
edited
Loading

Fixes inaccurate RTTs when using the icmp_echo_time module (#562).

This follows up on #607 which passes the pcap/pf_ring timestamp to the packet handler. The information was there but was seemingly never used.

This adds two fields to the output of the icmp_echo_time module based on the capture timestamp: recv_timestamp_ts and recv_timestamp_ns.

Test:

./src/zmap -M icmp_echo_time -O json 8.8.8.8 \
  -f sent_timestamp_ts,sent_timestamp_us,timestamp_ts,timestamp_us,recv_timestamp_ts,recv_timestamp_ns > res.json

RTT with original timestamp:

jq '((.timestamp_ts * 1e6 + .timestamp_us) - (.sent_timestamp_ts * 1e6 + .sent_timestamp_us)) / 1e3' res.json
1044.48

RTT with link-layer timestamp:

jq '((.recv_timestamp_ts * 1e6 + .recv_timestamp_ns / 1e3) - (.sent_timestamp_ts * 1e6 + .sent_timestamp_us)) / 1e3' res.json
17.838

RTT with ping:

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=20.2 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=18.3 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=16.3 ms

@maxmouchet
Copy link
Contributor Author

maxmouchet commented Aug 18, 2023
edited
Loading

I've made a few tweaks to my original commit:

  • Store recv_timestamp_us instead of recv_timestamp_ns for consistency
    • Send timestamp is only available at the microsecond resolution so it's not very useful to store the receive timestamp at the nanosecond resolution.
  • Add rtt_us so that the user doesn't have to compute the RTT himself
{
  "saddr": "8.8.8.8",
  "saddr_raw": 134744072,
  "daddr": "198.19.249.210",
  "daddr_raw": 3539538886,
  "ipid": 3099,
  "ttl": 116,
  "type": 0,
  "code": 0,
  "icmp_id": 22402,
  "seq": 17877,
  "sent_timestamp_ts": 1692376823,
  "sent_timestamp_us": 100749,
  "recv_timestamp_ts": 1692376823, // Added in this PR
  "recv_timestamp_us": 123706,     // Added in this PR
  "rtt_us": 22957,                 // Added in this PR
  "dst_raw": 134744072,
  "classification": "echoreply",
  "success": 1,
  "repeat": false,
  "cooldown": true,
  "timestamp_str": "2023-08-18T18:40:24.161+0200",
  "timestamp_ts": 1692376824,
  "timestamp_us": 161167
}

@zakird zakird merged commit 4dd3873 into zmap:main Aug 28, 2023
@maxmouchet maxmouchet deleted the store-recv-timestamp branch August 28, 2023 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zakird zakird zakird approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@maxmouchet @zakird