Hacking Nmap: Using Nmap to Calculate Network Response Time

Step 2: Server Response Time

Now that the end user has requested some information from the application and the IP stack of the application server has acknowledged the delivery of the “package,” the application server goes to work on responding to the application request. The time involved in answering the request is based on the complexity of the request, the load on the application server, and other application requirements (database accesses, third-tier requests, etc.).

Notice that there is a delay between the time where the server receives the HTTP GET request and when the first HTTP DATA response is sent. This delay is the server response time, and it’s always a variable delay based on the type of request and the resources available on the server.

Step 3: Transaction Transfer Time

Although the server has completed the processing required to respond to the original end-user request, there’s still a delay associated with sending the results across the network to the end-user. For example, transfers of large files or graphics may send many frames and take seconds or minutes to complete.

Here’s how this looks on the network:

The initial TCP three way handshake begins the conversation, and the search request from the client is seen in frame 4. After 52 milliseconds, a TCP acknowledgement is sent from the server in frame 5.

Frame 6 is the response to the search request from the web server (the server response time), and it occurs approximately 1.3 seconds after the original search request. Frames 7 through 15 are the resulting transfers of the search information from the web server. The total transaction transfer time would be the total time spent for all of these frames to transfer from the server to the client.