I’m attempting to estimate latency between my PC and any servers/clients it interacts with. I don’t want to use Ping for various reasons (requires both ends to allow it, would require additional traffic just to determine latency, etc) and would like to estimate the latency using any TCP ACK RTT measurements.
I started by using Wireshark but I’m finding that the RTT to an IP is significantly lower than the latency reported when I Ping that same destination. (e.g. 55ms TCP ACK RTT vs 168ms Ping)
Am I incorrect in thinking that these values should be similar? Could someone explain what the difference between the two are and hence why the values are drastically different?
Best Answer
The real difference is the protocols used. Ping is an application that uses ICMP, an integral part of IP. One problem with ICMP is that ICMP message generation is a low-priority task. Devices are designed to perform tasks other than ICMP message generation, which gets relegated to a low priority so that the device can optimally perform its primary task, getting around to generating the ICMP messages when it has some spare time.
TCP is a transport protocol, and it is optimized in a host OS to give good service to the applications using its service. TCP should always perform better than ICMP.
Many people make the mistake of relying on the latency report by ping to determine network latency and performance. Ping is a tool that was designed to determine if a host is up and running on the network, not to determine the network latency or performance of applications using other protocols.
Yes, they are completely separate protocols.
See above.