We'd like a trace including all the IP headers and UDP/TCP headers as
well. So, basically, we're talking about saving the first 50 bytes of
each packet starting at the IP layer (20 for ip, 20 for TCP, 10 for TCP
options). I can't think of a good reason to save the MAC data (unless
we later find out that one of the ether switches was bad and want to
remove it from the dataset) but it'd be fine to save that stuff (an
additional 14 bytes for a total of 64 per packet) if its faster/easier
to do so. This shouldn't require any more anonymization since the only
addressing data is IP, and presumably port number doesn't reveal
anything. If CAC is worried about data past the headers getting in then
we can take the min of TCP/UDP header length and 50/64 bytes.
There are a number of things we'd like to use the data for. I've listed
the few that I could think of right now below. We're actively
interested in 1, 2 and 7 right now.
1) Validating models of dependent packet loss that we're
developing for slow start
2) Validating a model on how packet loss affects TCP connection
establishment.
3) See the distribution of advertised receiver windows is.
4) Separate out low bandwidth flows (ie from modems)
5) Separate out short flows
6) Correlation between burstiness and drop rate
7) Effect of multiple slow starts through a bottleneck on drop
rate
(ie can we guess which packets should be proactively dropped with high
probability).
- Stefan