Traffic Trace Info
DumpFile: 200903301745.dump
FileSize: 1497.43MB
Id: 200903301745
StartTime: Mon Mar 30 17:45:00 2009
EndTime: Mon Mar 30 18:00:01 2009
TotalTime: 900.68 seconds
TotalCapSize: 1169.04MB CapLen: 96 bytes
# of packets: 21511518 (15503.05MB)
AvgRate: 144.39Mbps stddev:15.44M
IP flow (unique src/dst pair) Information
# of flows: 769353 (avg. 27.96 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.5% 2.4% 2.3% 2.0% 1.6% 1.3% 1.2% 1.2% 1.1% 1.1%
IP address Information
# of IPv4 addresses: 497470
Top 10 bandwidth usage (bytes/total in %):
13.6% 11.7% 11.4% 9.2% 4.2% 3.5% 3.2% 3.2% 2.8% 2.7%
# of IPv6 addresses: 2209
Top 10 bandwidth usage (bytes/total in %):
19.4% 16.2% 14.5% 14.5% 13.1% 8.1% 8.1% 7.8% 6.7% 5.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903301745.pktlen.png)
detailed numbers
[ 32- 63]: 5037640
[ 64- 127]: 4122051
[ 128- 255]: 1153046
[ 256- 511]: 455909
[ 512- 1023]: 514143
[ 1024- 2047]: 10228729
Protocol Breakdown
![[protocol breakdown chart]](200903301745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 21511518 (100.00%) 16256126330 (100.00%) 755.69
ip 21478831 ( 99.85%) 16247392000 ( 99.95%) 756.44
tcp 18373880 ( 85.41%) 15406549618 ( 94.77%) 838.50
http(s) 9224497 ( 42.88%) 12731593759 ( 78.32%) 1380.19
http(c) 5476184 ( 25.46%) 471641050 ( 2.90%) 86.13
squid 325132 ( 1.51%) 136237848 ( 0.84%) 419.02
smtp 327735 ( 1.52%) 119740635 ( 0.74%) 365.36
nntp 3 ( 0.00%) 186 ( 0.00%) 62.00
ftp 95900 ( 0.45%) 78487421 ( 0.48%) 818.43
pop3 9165 ( 0.04%) 3442016 ( 0.02%) 375.56
imap 8356 ( 0.04%) 795371 ( 0.00%) 95.19
telnet 13894 ( 0.06%) 3048886 ( 0.02%) 219.44
ssh 235030 ( 1.09%) 28865454 ( 0.18%) 122.82
dns 14765 ( 0.07%) 1499525 ( 0.01%) 101.56
bgp 182 ( 0.00%) 76877 ( 0.00%) 422.40
napster 34 ( 0.00%) 3352 ( 0.00%) 98.59
realaud 49 ( 0.00%) 4414 ( 0.00%) 90.08
rtsp 20036 ( 0.09%) 20783127 ( 0.13%) 1037.29
icecast 38048 ( 0.18%) 9991834 ( 0.06%) 262.61
hotline 145 ( 0.00%) 8976 ( 0.00%) 61.90
other 2584718 ( 12.02%) 1800328467 ( 11.07%) 696.53
udp 1994258 ( 9.27%) 677136589 ( 4.17%) 339.54
dns 1140827 ( 5.30%) 273716270 ( 1.68%) 239.93
realaud 18 ( 0.00%) 2403 ( 0.00%) 133.50
halflif 130 ( 0.00%) 20064 ( 0.00%) 154.34
starcra 30 ( 0.00%) 5301 ( 0.00%) 176.70
everque 128 ( 0.00%) 23496 ( 0.00%) 183.56
unreal 525 ( 0.00%) 242468 ( 0.00%) 461.84
quake 26 ( 0.00%) 4639 ( 0.00%) 178.42
cuseeme 4 ( 0.00%) 1189 ( 0.00%) 297.25
other 852403 ( 3.96%) 402980304 ( 2.48%) 472.76
icmp 971201 ( 4.51%) 87565826 ( 0.54%) 90.16
ipip 333 ( 0.00%) 39986 ( 0.00%) 120.08
ipsec 112 ( 0.00%) 17728 ( 0.00%) 158.29
ip6 71856 ( 0.33%) 62413046 ( 0.38%) 868.59
other 67191 ( 0.31%) 13669207 ( 0.08%) 203.44
frag 50776 ( 0.24%) 54573780 ( 0.34%) 1074.79
ip6 32687 ( 0.15%) 8734330 ( 0.05%) 267.21
tcp6 9632 ( 0.04%) 4547799 ( 0.03%) 472.16
http(s) 2807 ( 0.01%) 2213911 ( 0.01%) 788.71
http(c) 4415 ( 0.02%) 745737 ( 0.00%) 168.91
smtp 176 ( 0.00%) 86166 ( 0.00%) 489.58
ftp 20 ( 0.00%) 3756 ( 0.00%) 187.80
ssh 2 ( 0.00%) 172 ( 0.00%) 86.00
bgp 383 ( 0.00%) 33445 ( 0.00%) 87.32
other 1829 ( 0.01%) 1464612 ( 0.01%) 800.77
udp6 18275 ( 0.08%) 3202042 ( 0.02%) 175.21
dns 15345 ( 0.07%) 2468595 ( 0.02%) 160.87
starcra 4 ( 0.00%) 516 ( 0.00%) 129.00
cuseeme 1 ( 0.00%) 107 ( 0.00%) 107.00
other 2925 ( 0.01%) 732824 ( 0.00%) 250.54
icmp6 4329 ( 0.02%) 577646 ( 0.00%) 133.44
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 421 ( 0.00%) 402763 ( 0.00%) 956.68
tcpdump file: 200903301745.dump.gz (512.83 MB)