Old Well


Department of Computer Science
College of Arts and Sciences
University of North Carolina at Chapel Hill

COMP 290-042: Advanced Networking -- Internet Architecture & Performance

Notes on the new version of tcptrace from Michele Clark

What can tcptrace do for me?
============================

Tcptrace is way cool. =)  Not only will it read raw
tcpdump data, it will give lots of handy-dandy stats.


  What if I need tcplib-type stats?
  ---------------------------------
	> mkdir data
	> tcptrace -xtcplib data.tcpdump

	Creates the following files in the data directory:

	breakdown
	breakdown_hist
	conv.conv_time
	ftp.ctlsize
	ftp.itemsize
	http.itemsize
	nntp.itemsize
	smtp.itemsize
	telnet.duration
	telnet.interarrival
	telnet.pktsize


  What if I need HTTP stats?
  -------------------------------
	> tcptrace -xHTTP data.tcpdump    

	  Outputs a list of connections w/server and client SYN and
	FIN times, and duration of connection.  It also generates
	xplot files which give the duration of each connection.

	  Also creates a bunch of *.dat files that give various
	stats, check the src to find out exactly what it is...


  What if I need UDP stats?
  -------------------------
	> tcptrace -u [-l] data.tcpdump


	  In addition to info on TCP connections, it gives info on UDP
	'connections', where a UDP 'connection' seems to be a pair
	< host, port>, < dest,port>.

	  The -l option produces a long description of each connection,
	including elapsed time, total packets, total bytes sent, and 
	thruput (in each direction).


  What if I just want overall traffic stats?
  ------------------------------------------
	> tcptrace -xtraffic"ARGS" data.tcpdump	 (try tcptrace -hargs for help)


  What other modules are available?
  ---------------------------------  
	> tcptrace -xcollie"[-ln]" data.tcpdump
	
	  Gives stats on connections.

	> tcptrace -xrttgraph data.tcpdump

	  Gives rttgraph stats.


  What if none of this helps me?
  ------------------------------

  	Take a gander at the source (especially code for the modules)
	of tcptrace to see if you can use its tcpdump-reading capabilities 
	in your own program.

Line

Page maintained by: Department of Computer Science, UNC-Chapel Hill
Server Manager: webmaster@cs.unc.edu
Content Manager: parris@cs.unc.edu