Traffic Trace Info
DumpFile: 200903310230.dump
FileSize: 1254.12MB
Id: 200903310230
StartTime: Tue Mar 31 02:30:00 2009
EndTime: Tue Mar 31 02:45:01 2009
TotalTime: 900.07 seconds
TotalCapSize: 981.60MB CapLen: 96 bytes
# of packets: 17859320 (12265.25MB)
AvgRate: 114.31Mbps stddev:11.23M
IP flow (unique src/dst pair) Information
# of flows: 784605 (avg. 22.76 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.3% 4.4% 3.6% 3.3% 3.2% 2.0% 1.7% 1.5% 1.2% 1.2%
IP address Information
# of IPv4 addresses: 497572
Top 10 bandwidth usage (bytes/total in %):
14.5% 9.3% 8.0% 7.9% 6.4% 6.3% 6.3% 5.6% 4.4% 3.6%
# of IPv6 addresses: 2294
Top 10 bandwidth usage (bytes/total in %):
24.8% 24.8% 10.6% 10.3% 5.3% 4.8% 4.8% 4.7% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200903310230.pktlen.png)
detailed numbers
[ 32- 63]: 3267674
[ 64- 127]: 4618756
[ 128- 255]: 1027137
[ 256- 511]: 377719
[ 512- 1023]: 501230
[ 1024- 2047]: 8066804
Protocol Breakdown
![[protocol breakdown chart]](200903310230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 17859320 (100.00%) 12861045870 (100.00%) 720.13
ip 17836205 ( 99.87%) 12855934763 ( 99.96%) 720.78
tcp 14458674 ( 80.96%) 11866379271 ( 92.27%) 820.71
http(s) 6442662 ( 36.07%) 8893722357 ( 69.15%) 1380.44
http(c) 2787275 ( 15.61%) 204993203 ( 1.59%) 73.55
squid 360507 ( 2.02%) 177272496 ( 1.38%) 491.73
smtp 346870 ( 1.94%) 59501637 ( 0.46%) 171.54
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 150775 ( 0.84%) 146310541 ( 1.14%) 970.39
pop3 4005 ( 0.02%) 1431335 ( 0.01%) 357.39
imap 2047 ( 0.01%) 777907 ( 0.01%) 380.02
telnet 3709 ( 0.02%) 258760 ( 0.00%) 69.77
ssh 2541142 ( 14.23%) 1119617910 ( 8.71%) 440.60
dns 17486 ( 0.10%) 3793788 ( 0.03%) 216.96
bgp 138 ( 0.00%) 50354 ( 0.00%) 364.88
napster 55 ( 0.00%) 5723 ( 0.00%) 104.05
realaud 28 ( 0.00%) 4304 ( 0.00%) 153.71
rtsp 123 ( 0.00%) 29315 ( 0.00%) 238.33
icecast 12196 ( 0.07%) 805525 ( 0.01%) 66.05
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 1789634 ( 10.02%) 1257802590 ( 9.78%) 702.83
udp 2162866 ( 12.11%) 838182296 ( 6.52%) 387.53
dns 1263507 ( 7.07%) 251954137 ( 1.96%) 199.41
realaud 18279 ( 0.10%) 8367047 ( 0.07%) 457.74
halflif 218 ( 0.00%) 35931 ( 0.00%) 164.82
starcra 32 ( 0.00%) 5256 ( 0.00%) 164.25
everque 68 ( 0.00%) 13905 ( 0.00%) 204.49
unreal 450 ( 0.00%) 214434 ( 0.00%) 476.52
quake 17 ( 0.00%) 1699 ( 0.00%) 99.94
cuseeme 13 ( 0.00%) 2311 ( 0.00%) 177.77
other 880131 ( 4.93%) 577466935 ( 4.49%) 656.11
icmp 1179867 ( 6.61%) 140409798 ( 1.09%) 119.00
ipip 327 ( 0.00%) 39709 ( 0.00%) 121.43
ipsec 116 ( 0.00%) 18256 ( 0.00%) 157.38
ip6 27687 ( 0.16%) 9626570 ( 0.07%) 347.69
other 6668 ( 0.04%) 1278863 ( 0.01%) 191.79
frag 51989 ( 0.29%) 57051872 ( 0.44%) 1097.38
ip6 23115 ( 0.13%) 5111107 ( 0.04%) 221.12
tcp6 5801 ( 0.03%) 2207311 ( 0.02%) 380.51
http(s) 226 ( 0.00%) 26336 ( 0.00%) 116.53
http(c) 2609 ( 0.01%) 243989 ( 0.00%) 93.52
smtp 484 ( 0.00%) 263128 ( 0.00%) 543.65
ftp 19 ( 0.00%) 1934 ( 0.00%) 101.79
imap 248 ( 0.00%) 244357 ( 0.00%) 985.31
bgp 380 ( 0.00%) 33002 ( 0.00%) 86.85
other 1835 ( 0.01%) 1394565 ( 0.01%) 759.98
udp6 13057 ( 0.07%) 2038369 ( 0.02%) 156.11
dns 10684 ( 0.06%) 1683200 ( 0.01%) 157.54
halflif 1 ( 0.00%) 105 ( 0.00%) 105.00
starcra 4 ( 0.00%) 464 ( 0.00%) 116.00
other 2368 ( 0.01%) 354600 ( 0.00%) 149.75
icmp6 3883 ( 0.02%) 546528 ( 0.00%) 140.75
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 344 ( 0.00%) 314819 ( 0.00%) 915.17
tcpdump file: 200903310230.dump.gz (450.25 MB)