tcptrace-bugs Problems to analyze captured files.

From: Thomas Bohnert (
Date: 04/17/03

From: Thomas Bohnert <>
Subject: tcptrace-bugs Problems to analyze captured files. 
Date: Thu, 17 Apr 2003 13:26:44 +0200
Message-Id: <>


We do some investigations in mobile IPv6 and fast handovers. The goal is to
find out the packet loss and the impact for the tcp/ip stack. To analyze the
trafffic i choose tcptrace as recommended in RFCxxx.
In this way, i caputred some random traffic over a wlan link with tcpdump.
This traffic is generated by a small selfwritten generator. Ethereal is able
to open the produced file and to decode all headers including tcp. The
payload of the packets is shown as TCP short frame of course; the generator
uses a proprietary protocol.
The problem now is that i can't decode the packets with tcptrace. After
opening the trace the following message is printed:

[bothom@mira capture_11.36]# tcptrace 11.36.cap
1 arg remaining, starting with '11.36.cap'
Ostermann's tcptrace -- version 6.4.0 -- Thu Apr 3, 2003

1009 packets seen, 0 TCP packets traced
elapsed wallclock time: 0:00:00.007539, 133837 pkts/sec analyzed
trace file elapsed time: 0:00:21.643035
no traced TCP packets

The files are captured as followed:
        tcpdump -q -i any -w 11.36.cap

thanks for your help;

Thomas Bohnert


This archive was generated by hypermail 2b30 : 04/17/03 EDT