This is how to measure a webserver delay from the request to the first response. Thus it will only measure the time within the server, not the network delays.
It is done using tcpdump to collect the data and a program I have written to extract the response time.
This will monitor the delay between the clients request and the first response from the webserver. It works with other services as well as long as they follow the same request-response pattern as in http.
Recording
The recoding on the server is done using tcpdump. Run the following shell command as root to store the result into web.log.
tcpdump -tt -p -n "port 80 and tcp[13] & 8 != 0" > web.log
This will listen for packets on the first interface, if you want to specify which one, use “-i eth0″.
-tt will print the timestamp unformated.
-p makes sure the interface is not in promiscuous mode, which we don’t need since we know exactly what we are listening for.
-n will output all addressas in number format, no dns lookups.
Finally comes the filter that tells tcpdump what packages to record.
port 80 - only capture package to or from port 80 - our web server is at that port.
tcp[13] & 8 != 0 - only capture packages with payload/data. This will discard all other packages used to initiate the connection and ACK.
Extraction
The program called webresponse will parse the log using the following command:
cat response.log | mono webresponse.exe 123.123.123.123 > delay.log
The output looks something like this:
1263241029.252353 1.05 1263241030.639528 0.924 1263241031.623903 2.212 1263241032.659558 118.8014 1263241032.974350 12.255 1263241034.054304 1.254 1263241036.442082 1.404
First comes the unix time followed by the response delay in milliseconds.
Source
WebResponse source code can be downloaded using git from http://src.endnode.se/git/webresponse
git clone http://src.endnode.se/git/webresponse
