Department of Computer Science
College of Arts and Sciences
University of North Carolina at Chapel Hill

COMP 290-042: Advanced Networking -- Internet Architecture & Performance

Notes on the new version of tcptrace from Michele Clark

What can tcptrace do for me?

Tcptrace is way cool. =)  Not only will it read raw
tcpdump data, it will give lots of handy-dandy stats.

  What if I need tcplib-type stats?
	> mkdir data
	> tcptrace -xtcplib data.tcpdump

	Creates the following files in the data directory:


  What if I need HTTP stats?
	> tcptrace -xHTTP data.tcpdump    

	  Outputs a list of connections w/server and client SYN and
	FIN times, and duration of connection.  It also generates
	xplot files which give the duration of each connection.

	  Also creates a bunch of *.dat files that give various
	stats; check the src to find out exactly what they are...

  What if I need UDP stats?
	> tcptrace -u [-l] data.tcpdump

	  In addition to info on TCP connections, it gives info on UDP
	'connections', where a UDP 'connection' seems to be a pair
	<host, port>, <dest, port>.

	  The -l option produces a long description of each connection,
	including elapsed time, total packets, total bytes sent, and 
	thruput (in each direction).
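
Added example, not part of the original notes and not tcptrace source: the UDP 'connection' bookkeeping described above, in Python. It assumes a connection is keyed by the endpoint pair regardless of direction and that thruput is bytes divided by elapsed time; the packet records and function names are constructed for illustration.

```python
from collections import OrderedDict

# Constructed sample packets (not from a real trace):
# (time_s, src_host, src_port, dst_host, dst_port, udp_bytes)
PACKETS = [
    (0.00, "10.0.0.5", 40000, "10.0.0.53", 53, 40),
    (0.02, "10.0.0.53", 53, "10.0.0.5", 40000, 120),
    (1.00, "10.0.0.5", 40001, "10.0.0.9", 514, 200),
    (2.00, "10.0.0.5", 40000, "10.0.0.53", 53, 60),
    (3.00, "10.0.0.5", 40001, "10.0.0.9", 514, 300),
    (4.00, "10.0.0.7", 5353, "224.0.0.251", 5353, 90),  # one-packet 'connection'
]

def udp_connections(packets):
    """Group packets by endpoint pair; 'a' is whichever endpoint sent first."""
    conns = OrderedDict()
    for ts, src, sport, dst, dport, nbytes in packets:
        a, b = (src, sport), (dst, dport)
        # A packet in the reverse direction joins the existing entry.
        key = (b, a) if (b, a) in conns else (a, b)
        c = conns.setdefault(key, {"first": ts, "last": ts,
                                   "a2b": {"packets": 0, "bytes": 0},
                                   "b2a": {"packets": 0, "bytes": 0}})
        c["first"], c["last"] = min(c["first"], ts), max(c["last"], ts)
        d = c["a2b"] if key == (a, b) else c["b2a"]
        d["packets"] += 1
        d["bytes"] += nbytes
    return conns

def summarize(conns):
    """Add elapsed time and bytes/second per direction (0.0 when elapsed is 0)."""
    out = OrderedDict()
    for key, c in conns.items():
        elapsed = c["last"] - c["first"]
        out[key] = {"elapsed": elapsed}
        for d in ("a2b", "b2a"):
            rate = c[d]["bytes"] / elapsed if elapsed > 0 else 0.0
            out[key][d] = dict(c[d], throughput=rate)
    return out

if __name__ == "__main__":
    for (a, b), s in summarize(udp_connections(PACKETS)).items():
        print(f"{a[0]}:{a[1]} <-> {b[0]}:{b[1]}  elapsed={s['elapsed']:.2f}s")
        for d in ("a2b", "b2a"):
            print(f"  {d}: {s[d]['packets']} pkts, {s[d]['bytes']} bytes, "
                  f"{s[d]['throughput']:.1f} B/s")
```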

  What if I just want overall traffic stats?
	> tcptrace -xtraffic"ARGS" data.tcpdump	 (try tcptrace -hargs for help)

  What other modules are available?
	> tcptrace -xcollie"[-ln]" data.tcpdump
	  Gives stats on connections.

	> tcptrace -xrttgraph data.tcpdump

	  Gives rttgraph stats.

  What if none of this helps me?

  	Take a gander at the source (especially code for the modules)
	of tcptrace to see if you can use its tcpdump-reading capabilities 
	in your own program. 


Page maintained by: Department of Computer Science, UNC-Chapel Hill
Server Manager: webmaster@cs.unc.edu
Content Manager: parris@cs.unc.edu