[ Next Article | Previous Article | Book Contents | Library Home | Legal | Search ]
Commands Reference, Volume 5

trpt Command

Purpose

Performs protocol tracing on TCP sockets.

Syntax

trpt -a ] [ -f ] [ -j ] [ -pAddress ]... [ -s ] [ -t ]

Description

The trpt command queries the buffer for Transmission Control Protocol (TCP) trace records. This buffer is created when a socket is marked for debugging with the setsockopt subroutine. The trpt command then prints a description of these trace records.

Note: You can use the traceson command to turn on socket level debugging for daemons.

When you specify no options, the trpt command prints all the trace records found in the system and groups them according to their TCP/IP connection protocol control block (PCB).

Before you can use the trpt command, you must:

  1. Isolate the problem and mark for debugging the socket or sockets involved in the connection.
  2. Find the address of the protocol control blocks associated with these sockets by using the netstat -aA command.
  3. Then you can run the trpt command, using the -p flag to supply the associated protocol control block addresses. You can specify multiple -pAddress flags with a single trpt command.

The -f flag can be used to follow the trace log once it is located. The -j flag can be used to check the presence of trace records for the socket in question.

If the system image does not contain the proper symbols to find the trace buffer, the trpt command cannot succeed.

Output Fields

The information put out by the trpt command varies with the flag you use. Definitions of the fields contained in the various types of output follow:

Protocol Control Block identifier Identifies the protocol block to be traced, as shown in the following example:
4c500c:
Timestamp Specifies the time at which the connection is attempted, as shown in the following example:
500
Connection State Specifies the state of the connection with the protocol control block:
CLOSED Connection is closed.
LISTEN Listening for a connection.
SYN_SENT Active; have sent SYN. Represents waiting for a matching connection request after having sent a connection request.
SYN_RCVD Have sent and received SYN. Represents waiting for a confirming connection request acknowledgment after having both received and sent connection requests.
ESTABLISHED Connection established.
CLOSE_WAIT Have received FIN; waiting to receive CLOSE.
LAST_ACK Have received FIN and CLOSE; awaiting FIN ACK.
FIN_WAIT_1 Have closed; sent FIN.
CLOSING Closed; exchanged FIN; awaiting FIN.
FIN_WAIT_2 Have closed; FIN is acknowledged; awaiting FIN.
TIME_WAIT In 2MSL (twice the maximum segment length) quiet wait after close.
Action Specifies the current status of the packet trace connection. The output of the command changes depending on the action.
Input Receiving input packets. The syntax of the output is:
input (SourceAddress, Port, DestinationAddress,
Port) <Sequence Number of the First Data Octet> @
AcknowledgementNumber

as in the following example:

input (src=129.353173176,23, dst=129.35.17.140, 1795) fb9f5461@fb9e4c68
Output Transmitting packets. The syntax of the output is:
output (SourceAddress, Port, DestinationAddress,
Port) <Sequence Number Of The First Data Octet>..
<Sequence Number of the Last Data Octet>@
AcknowledgementNumber)

as in the following example:

output (src=129.35.17.140,1795, dst=129.35.17.176, 23) fb9e4c68@fb9f5462
Window Size Specifies the size of the window sending or receiving packets, as shown in the following example:
(win=1000)
User Specifies user request. The following is an example of a user request:
SLOWTIMO<KEEP>

Types of user requests and their definitions follow:

PRU_ATTACH Attach protocol to up.
PRU-DETACH Detach protocol from up.
PRU_BIND Bind socket to address.
PRU_LISTEN Listen for connection.
PRU_CONNECT Establish connection to peer.
PRU_ACCEPT Accept connection from peer.
PRU_DISCONNECT Disconnect from peer.
PRU_SHUTDOWN Will not send any more data.
PRU_RCVD Have taken data; more room now.
PRU_SEND Send this data.
PRU_ABORT Abort (fast DISCONNECT, DETACH).
PRU_CONTROL Control operations on protocol.
PRU_SENSE Return status into m.
PRU_RCVOOB Retrieve out of band data.
PRU_SENDOOB Send out of band data.
PRU_SOCKADDR Fetch socket's address.
PRU_PEERADDR Fetch peer's address.
PRU_CONNECT2 Connect two sockets.
PRU_FASTTIMO 200 milliseconds timeout.
PRU_SLOTIMO 500 milliseconds timeout.
PRU_PROTORCV Receive from below.
PRU_PROTOSEND Send to below.
Drop Specifies that data was in preceding segment; data is dropped.
Window and Sequence Variables Types of window and sequence variables follow:
rcv_nxt Next sequence number expected on incoming segments.
rcv_wnd Size of receive window.
snd_una Oldest unacknowledged sequence number.
snd_nxt Next sequence number to be sent.
snd_max Highest sequence number sent.
snd_sl1 Window update segment sequence number.
snd_wl1 Window update segment ack number.
snd_wnd Send window.

Flags

-a Prints the values of the source and destination addresses for each packet recorded, in addition to the normal output.
-f Follows the trace as it occurs, waiting briefly for additional records each time the end of the log is reached.
-j Lists just the protocol control block addresses for which trace records exist.
-pAddress Shows only trace records associated with the protocol control block specified in hexadecimal by the Address variable. You must repeat the -p flag with each Address variable specified.
-s Prints a detailed description of the packet-sequencing information, in addition to the normal output.
-t Prints the values for all timers at each point in the trace, in addition to the normal output.

Examples

  1. To print trace information as well as the source and destination addresses for each packet recorded, enter:
    $ trpt -a
    This might display the following output:
    124b0c:
    900 ESTABLISHED:input (src=192.9.201.3,4257, dst=192.9.201.2,102
    5)2326e6e5@ad938c02(win=200)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output (src=192.9.201.2,1025, dst=192.9.201.3,425
    7)ad938c02@2326e6e6(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output (src=192.9.201.2,1025, dst=192.9.201.3,4257)
    ad938c02@2326e6e6(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK 12500c:
    800 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e6e5(win=4000)<ACK> -> ESTABLISHED
    800 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    [2326e6e5..2326e727)@ad8eaa13(win=1ef)<ACK,PUSH> -> ESTABLISHED
    800 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e727(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    [2326e727..2326e82f)@ad8eaa13(win=1ef)<ACK,PUSH> -> ESTABLISHED
    900 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e82f(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    2326e82f@ad8eaa13(win=1ef)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output (src=192.9.201.2,1024, \
    dst=192.9.201.3,512)
    ad8eaa13@2326e830(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output (src=192.9.201.2,1024, dst=192.9.201.3,512)a
    d8eaa13@2326e830(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK
    $ _
  2. To list the protocol control blocks that have trace records, enter:
    trpt -j
    This might display the following output:
    124b0c, 12500c
  3. To print the trace records associated with a single protocol control block, enter:
    trpt -p 12500c
    This might display the following output:
    800 ESTABLISHED:output ad8eaa13@2326e6e5(win=4000)<ACK> -> 
    ESTABLISHED
    800 ESTABLISHED:input [2326e6e5..2326e727)@ad8eaa13(win=1ef) 
    <ACK,PUSH> -> ESTABLISHED
    800 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output ad8eaa13@2326e727(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input [2326e727..2326e82f)@ad8eaa13(win=1ef) <ACK,PUSH> -> ESTABLISHED
    900 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output ad8eaa13@2326e82f(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input 2326e82f@ad8eaa13(win=1ef)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output ad8eaa13@2326e830(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output ad8eaa13@2326e830(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK
    $ _

Related Information

The netstat command, tracesoff command, traceson command.

The setsockopt subroutine.

TCP/IP Overview, TCP/IP Protocols, TCP/IP Routing in AIX Version 4.3 System Management Guide: Communications and Networks.


[ Next Article | Previous Article | Book Contents | Library Home | Legal | Search ]