Sebastian Zander

In first person shooter (FPS) games the round trip time (RTT) between a client and server influences player decisions on which server to join. Game servers do not accurately log the RTT of potential clients who only probed the server. We describe a simple, active method of estimating the RTT and hop-count between server and client when armed only with each client’s IP address. For rough approximations this scheme works days or weeks after client IP addresses were collected. We illustrate using data gathered from a Wolfenstein Enemy Territory server operating in Australia, providing after-the-fact comparisons between the RTT and hop-count distributions of clients who probe a server versus clients who actually join a server and play.

Public traffic traces are often obfuscated for privacy reasons, leaving network historians with only port numbers from which to identify past application traffic trends. However, it is misleading to make assumptions simply based on default port numbers for many applications. Traffic classification based on machine learning could provide a solution. By training a classifier using representative traffic samples, we can differentiate between distinct, but possibly similar, applications in previously anonymised trace files. Using popular peer-to-peer and online game applications as examples, we show that their traffic flows can be separated after-the-fact without using port numbers or packet payload. We also address how to obtain negative training examples, propose an approach that works with any existing machine-learning algorithm, and present a preliminary evaluation based on real traffic data.

Service Level Agreements ( SLAs) specify the Quality of Services ( QoS) negotiated between provider and customer. QoS Measurements provide a suitable way to proof the fulfillment of the given guarantees. During service usage the traffic of interest is already present in the network. This traffic can be utilized for passive (non-intrusive) measurement methods avoiding the disadvantages of sending test traffic for active (intrusive) measurements. Some applications (e.g. interactive applications like IP telephony) rely on guarantees for one-way metrics like one-way delay. One-way metrics usually cannot be derived from round trip measurements. Therefore specific methods are required to measure one-way metrics. In this paper we evaluate the necessary building blocks for passive one-way-delay measurement. In p articular we discuss different functions for the generation of packet identifiers needed to correlate packet arrivals at the ingress and egress measurement point. We have implemented a flexible and modular meter, which allows us to use and compare different functions for the packet ID generation. In experiments we have measured the performance of the different methods investigated in this paper. We conclude with the experiment results and identify the applicability and efficiency of the different methods.