trpt Command

Purpose

Performs protocol tracing on TCP sockets.

Syntax

trpt-a ] [  -f ] [  -j ] [  -pAddress ]... [  -s ] [  -t ]

Description

The trpt command queries the buffer for Transmission Control Protocol (TCP) trace records. This buffer is created when a socket is marked for debugging with the setsockopt subroutine. The trpt command then prints a description of these trace records.

Note: You can use the traceson command to turn on socket level debugging for daemons.

When you specify no options, the trpt command prints all the trace records found in the system and groups them according to their TCP/IP connection protocol control block (PCB).

Before you can use the trpt command, you must:

  1. Isolate the problem and mark for debugging the socket or sockets involved in the connection.
  2. Find the address of the protocol control blocks associated with these sockets by using the netstat -aA command.
  3. Then you can run the trpt command, using the -p flag to supply the associated protocol control block addresses. You can specify multiple -pAddress flags with a single trpt command.

The -f flag can be used to follow the trace log once it is located. The -j flag can be used to check the presence of trace records for the socket in question.

If the system image does not contain the proper symbols to find the trace buffer, the trpt command cannot succeed.

Output Fields

The information put out by the trpt command varies with the flag you use. Definitions of the fields contained in the various types of output follow:

Item Description
Protocol Control Block identifier Identifies the protocol block to be traced, as shown in the following example:
4c500c:
Timestamp Specifies the time at which the connection is attempted, as shown in the following example:
500
Connection State Specifies the state of the connection with the protocol control block:
CLOSED
Connection is closed.
LISTEN
Listening for a connection.
SYN_SENT
Active; have sent SYN. Represents waiting for a matching connection request after having sent a connection request.
SYN_RCVD
Have sent and received SYN. Represents waiting for a confirming connection request acknowledgment after having both received and sent connection requests.
ESTABLISHED
Connection established.
CLOSE_WAIT
Have received FIN; waiting to receive CLOSE.
LAST_ACK
Have received FIN and CLOSE; awaiting FIN ACK.
FIN_WAIT_1
Have closed; sent FIN.
CLOSING
Closed; exchanged FIN; awaiting FIN.
FIN_WAIT_2
Have closed; FIN is acknowledged; awaiting FIN.
TIME_WAIT
In 2MSL (twice the maximum segment length) quiet wait after close.
Action Specifies the current status of the packet trace connection. The output of the command changes depending on the action.
Input
Receiving input packets. The syntax of the output is:
input (SourceAddress, Port, DestinationAddress,
Port) <Sequence Number of the First Data Octet> @
AcknowledgementNumber

as in the following example:

input (src=129.353173176,23, dst=129.35.17.140, 1795) fb9f5461@fb9e4c68
Output
Transmitting packets. The syntax of the output is:
output (SourceAddress, Port, DestinationAddress,
Port) <Sequence Number Of The First Data Octet>..
<Sequence Number of the Last Data Octet>@
AcknowledgementNumber)

as in the following example:

output (src=129.35.17.140,1795, dst=129.35.17.176, 23) fb9e4c68@fb9f5462
Window Size
Specifies the size of the window sending or receiving packets, as shown in the following example:
(win=1000)
 
User
Specifies user request. The following is an example of a user request:
SLOWTIMO<KEEP>

Types of user requests and their definitions follow:

PRU_ATTACH
Attach protocol to up.
PRU-DETACH
Detach protocol from up.
PRU_BIND
Bind socket to address.
PRU_LISTEN
Listen for connection.
PRU_CONNECT
Establish connection to peer.
PRU_ACCEPT
Accept connection from peer.
PRU_DISCONNECT
Disconnect from peer.
PRU_SHUTDOWN
Will not send any more data.
PRU_RCVD
Have taken data; more room now.
PRU_SEND
Send this data.
PRU_ABORT
Abort (fast DISCONNECT, DETACH).
PRU_CONTROL
Control operations on protocol.
PRU_SENSE
Return status into m.
PRU_RCVOOB
Retrieve out of band data.
PRU_SENDOOB
Send out of band data.
PRU_SOCKADDR
Fetch socket's address.
PRU_PEERADDR
Fetch peer's address.
PRU_CONNECT2
Connect two sockets.
PRU_FASTTIMO
200 milliseconds timeout.
PRU_SLOTIMO
500 milliseconds timeout.
PRU_PROTORCV
Receive from below.
PRU_PROTOSEND
Send to below.
Drop Specifies that data was in preceding segment; data is dropped.
Window and Sequence Variables Types of window and sequence variables follow:
rcv_nxt
Next sequence number expected on incoming segments.
rcv_wnd
Size of receive window.
snd_una
Oldest unacknowledged sequence number.
snd_nxt
Next sequence number to be sent.
snd_max
Highest sequence number sent.
snd_sl1
Window update segment sequence number.
snd_wl1
Window update segment ack number.
snd_wnd
Send window.

Flags

Item Description
-a Prints the values of the source and destination addresses for each packet recorded, in addition to the normal output.
-f Follows the trace as it occurs, waiting briefly for additional records each time the end of the log is reached.
-j Lists just the protocol control block addresses for which trace records exist.
-pAddress Shows only trace records associated with the protocol control block specified in hexadecimal by the Address variable. You must repeat the -p flag with each Address variable specified.
-s Prints a detailed description of the packet-sequencing information, in addition to the normal output.
-t Prints the values for all timers at each point in the trace, in addition to the normal output.

Examples

  1. To print trace information as well as the source and destination addresses for each packet recorded, enter:
    $ trpt -a
    This might display the following output:
    124b0c:
    900 ESTABLISHED:input (src=192.9.201.3,4257, dst=192.9.201.2,102
    5)2326e6e5@ad938c02(win=200)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output (src=192.9.201.2,1025, dst=192.9.201.3,425
    7)ad938c02@2326e6e6(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output (src=192.9.201.2,1025, dst=192.9.201.3,4257)
    ad938c02@2326e6e6(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK 12500c:
    800 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e6e5(win=4000)<ACK> -> ESTABLISHED
    800 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    [2326e6e5..2326e727)@ad8eaa13(win=1ef)<ACK,PUSH> -> ESTABLISHED
    800 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e727(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    [2326e727..2326e82f)@ad8eaa13(win=1ef)<ACK,PUSH> -> ESTABLISHED
    900 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output (src=192.9.201.2,1024, dst=192.9.201.3,51
    2)ad8eaa13@2326e82f(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input (src=192.9.201.3,512, \
    dst=192.9.201.2,1024)
    2326e82f@ad8eaa13(win=1ef)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output (src=192.9.201.2,1024, \
    dst=192.9.201.3,512)
    ad8eaa13@2326e830(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output (src=192.9.201.2,1024, dst=192.9.201.3,512)a
    d8eaa13@2326e830(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK
    $ _
  2. To list the protocol control blocks that have trace records, enter:
    trpt -j
    This might display the following output:
    124b0c, 12500c
  3. To print the trace records associated with a single protocol control block, enter:
    trpt -p 12500c
    This might display the following output:
    800 ESTABLISHED:output ad8eaa13@2326e6e5(win=4000)<ACK> -> 
    ESTABLISHED
    800 ESTABLISHED:input [2326e6e5..2326e727)@ad8eaa13(win=1ef) 
    <ACK,PUSH> -> ESTABLISHED
    800 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output ad8eaa13@2326e727(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input [2326e727..2326e82f)@ad8eaa13(win=1ef) <ACK,PUSH> -> ESTABLISHED
    900 ESTABLISHED:user RCVD -> ESTABLISHED
    900 ESTABLISHED:output ad8eaa13@2326e82f(win=4000)<ACK> -> ESTABLISHED
    900 ESTABLISHED:input 2326e82f@ad8eaa13(win=1ef)<ACK,FIN,PUSH> -> CLOSE_WAIT
    900 CLOSE_WAIT:output ad8eaa13@2326e830(win=4000)<ACK> -> CLOSE_WAIT
    900 LAST_ACK:output ad8eaa13@2326e830(win=4000)<ACK,FIN> -> LAST_ACK
    900 CLOSE_WAIT:user DISCONNECT -> LAST_ACK
    900 LAST_ACK:user DETACH -> LAST_ACK
    $ _