Traffic Trace Info
DumpFile: 200903301400.dump
FileSize: 1486.12MB
Id: 200903301400
StartTime: Mon Mar 30 14:00:01 2009
EndTime: Mon Mar 30 14:15:01 2009
TotalTime: 899.97 seconds
TotalCapSize: 1172.42MB CapLen: 96 bytes
# of packets: 20557915 (14486.27MB)
AvgRate: 135.01Mbps stddev:21.08M
IP flow (unique src/dst pair) Information
# of flows: 649088 (avg. 31.67 pkts/flow)
Top 10 big flow size (bytes/total in %):
38.6% 3.6% 1.5% 1.1% 0.8% 0.8% 0.6% 0.5% 0.4% 0.4%
IP address Information
# of IPv4 addresses: 432853
Top 10 bandwidth usage (bytes/total in %):
38.6% 38.6% 6.9% 6.3% 4.3% 3.8% 3.8% 3.7% 2.6% 1.5%
# of IPv6 addresses: 2059
Top 10 bandwidth usage (bytes/total in %):
27.5% 16.5% 15.5% 13.4% 11.5% 10.6% 7.3% 5.5% 5.0% 4.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903301400.pktlen.png)
detailed numbers
[ 32- 63]: 3530943
[ 64- 127]: 5078416
[ 128- 255]: 957893
[ 256- 511]: 726787
[ 512- 1023]: 615876
[ 1024- 2047]: 9648000
Protocol Breakdown
![[protocol breakdown chart]](200903301400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 20557915 (100.00%) 15189952623 (100.00%) 738.89
ip 20522274 ( 99.83%) 15180571513 ( 99.94%) 739.71
tcp 17792492 ( 86.55%) 14536029777 ( 95.70%) 816.98
http(s) 5170734 ( 25.15%) 6847398487 ( 45.08%) 1324.26
http(c) 3568607 ( 17.36%) 367916058 ( 2.42%) 103.10
squid 302116 ( 1.47%) 101038929 ( 0.67%) 334.44
smtp 250404 ( 1.22%) 109196108 ( 0.72%) 436.08
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 130919 ( 0.64%) 130314993 ( 0.86%) 995.39
pop3 8942 ( 0.04%) 4443515 ( 0.03%) 496.93
imap 4121 ( 0.02%) 1100293 ( 0.01%) 267.00
telnet 4340 ( 0.02%) 1090811 ( 0.01%) 251.34
ssh 6128473 ( 29.81%) 6085173874 ( 40.06%) 992.93
dns 11913 ( 0.06%) 1192919 ( 0.01%) 100.14
bgp 159 ( 0.00%) 56133 ( 0.00%) 353.04
napster 85 ( 0.00%) 5830 ( 0.00%) 68.59
realaud 3071 ( 0.01%) 194817 ( 0.00%) 63.44
rtsp 78975 ( 0.38%) 36594992 ( 0.24%) 463.37
icecast 20861 ( 0.10%) 8848180 ( 0.06%) 424.15
hotline 263 ( 0.00%) 16913 ( 0.00%) 64.31
other 2108506 ( 10.26%) 841446745 ( 5.54%) 399.07
udp 1917793 ( 9.33%) 570302665 ( 3.75%) 297.37
dns 978201 ( 4.76%) 243606382 ( 1.60%) 249.04
realaud 1015 ( 0.00%) 61961 ( 0.00%) 61.05
halflif 198 ( 0.00%) 38647 ( 0.00%) 195.19
starcra 27 ( 0.00%) 4365 ( 0.00%) 161.67
everque 61 ( 0.00%) 12258 ( 0.00%) 200.95
unreal 556 ( 0.00%) 318510 ( 0.00%) 572.86
quake 20 ( 0.00%) 1774 ( 0.00%) 88.70
cuseeme 5 ( 0.00%) 4777 ( 0.00%) 955.40
other 937468 ( 4.56%) 326100597 ( 2.15%) 347.85
icmp 744034 ( 3.62%) 59985054 ( 0.39%) 80.62
ipip 325 ( 0.00%) 38428 ( 0.00%) 118.24
ipsec 116 ( 0.00%) 18256 ( 0.00%) 157.38
ip6 29739 ( 0.14%) 7620591 ( 0.05%) 256.25
other 37775 ( 0.18%) 6576742 ( 0.04%) 174.10
frag 45871 ( 0.22%) 48892370 ( 0.32%) 1065.87
ip6 35641 ( 0.17%) 9381110 ( 0.06%) 263.21
tcp6 11524 ( 0.06%) 5188820 ( 0.03%) 450.26
http(s) 2079 ( 0.01%) 1400639 ( 0.01%) 673.71
http(c) 6180 ( 0.03%) 840679 ( 0.01%) 136.03
smtp 127 ( 0.00%) 46736 ( 0.00%) 368.00
ftp 20 ( 0.00%) 2379 ( 0.00%) 118.95
bgp 366 ( 0.00%) 31270 ( 0.00%) 85.44
other 2752 ( 0.01%) 2867117 ( 0.02%) 1041.83
udp6 17370 ( 0.08%) 3033504 ( 0.02%) 174.64
dns 14438 ( 0.07%) 2266313 ( 0.01%) 156.97
other 2932 ( 0.01%) 767191 ( 0.01%) 261.66
icmp6 6387 ( 0.03%) 845995 ( 0.01%) 132.46
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 330 ( 0.00%) 308711 ( 0.00%) 935.49
tcpdump file: 200903301400.dump.gz (503.05 MB)