0

I am trying to estimate bandwidth usage of a XMPP application.

The application is receiving a 150-bytes ping each second, and answering with a ping of the same size.(*)

However, when I measure the data usage, I get something like 900 bytes per ping (and not the 300 expected)

I have a suspicion this might relate to something layer bellow (TCP? IP?) and datagram sizes. But, so far, reading the TCP/IP guide did not lead me anywhere.

Another hypothesis would be that this overhead comes from XMPP itself, somehow.

Can anyone enlighten me ?

(*) to get this "150 bytes" I counted the number of chars in the <iq> (the xml representation of the ping)

I am using TLS, but not BOSH (actually, BOSH on the other connection: I am measuring results in the android client, and the pings are coming from a web application, but I think that should not matter)

The client is Xabber, running on android

josinalvo
  • 1,366
  • 13
  • 26
  • You should add some details: are you using TLS? Or BOSH? – xnyhps Apr 09 '15 at 08:22
  • TLS can sometimes increase packet size by a small amount, but it wouldn't account for the 600 extra bytes you're seeing. Is there a way to log the raw XML stream in whatever library you are using, before TLS? – MattJ Apr 10 '15 at 04:49
  • How I got the 150: looking at the BOSH (http) request that the webclient writes, and extracting the xml – josinalvo Apr 10 '15 at 20:42
  • (did not yet look at the whole stream ...) – josinalvo Apr 10 '15 at 20:42

1 Answers1

1

Lets try to calculate the worst-case overhead down to the IP level.

For TLS we have:

  • With TLS 1.1 and up, in CBC mode: an IV of 16 bytes.

  • Again, in CBC mode: TLS padding. TLS uses blocks of 16 bytes, so it may need to add 15 bytes of padding.

    (Technically TLS allows for up to 255 bytes of padding, but in practice I think that's rare.)

  • With SHA-384: A MAC of 48 bytes.
  • TLS header of 5 bytes.

That's 84 extra bytes.

TCP and IP headers are 40 bytes (from this answer) if no extra options are used, but for IPv6 this would be 60 bytes.

So you could be seeing 84 + 60 + 150 = 294 bytes per ping.

However, on the TCP level we also need ACKs. If you are pinging a different client (especially over BOSH), then the pong will likely be too late to piggyback the TCP ACK for the ping. So the server must send a 60 byte ACK for the ping and the client also needs to send a 60 byte ACK for the pong.

That brings us to:

294 + 60 + 294 + 60 = 708

900 still sounds a lot too large. Are you sure the ping and the pong are both 150 bytes?

Community
  • 1
  • 1
xnyhps
  • 3,306
  • 17
  • 21