Traffic Trace Info
DumpFile: 200904010345.dump
FileSize: 845.65MB
Id: 200904010345
StartTime: Wed Apr 1 03:45:00 2009
EndTime: Wed Apr 1 04:00:00 2009
TotalTime: 900.04 seconds
TotalCapSize: 660.89MB CapLen: 96 bytes
# of packets: 12107798 (8485.03MB)
AvgRate: 79.07Mbps stddev:11.70M
IP flow (unique src/dst pair) Information
# of flows: 856710 (avg. 14.13 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 2.5% 2.1% 1.8% 1.5% 1.5% 1.0% 0.9% 0.9% 0.8%
IP address Information
# of IPv4 addresses: 548284
Top 10 bandwidth usage (bytes/total in %):
16.7% 15.3% 8.2% 6.9% 5.2% 3.5% 2.8% 2.7% 2.6% 2.5%
# of IPv6 addresses: 958
Top 10 bandwidth usage (bytes/total in %):
26.2% 25.8% 13.8% 9.6% 6.6% 4.3% 3.5% 3.5% 3.5% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200904010345.pktlen.png)
detailed numbers
[ 32- 63]: 2642334
[ 64- 127]: 2549329
[ 128- 255]: 758228
[ 256- 511]: 359597
[ 512- 1023]: 233242
[ 1024- 2047]: 5565068
Protocol Breakdown
![[protocol breakdown chart]](200904010345.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 12107798 (100.00%) 8897203749 (100.00%) 734.83
ip 12085479 ( 99.82%) 8892308028 ( 99.94%) 735.78
tcp 9492941 ( 78.40%) 8285809049 ( 93.13%) 872.84
http(s) 4693142 ( 38.76%) 6422395506 ( 72.18%) 1368.46
http(c) 2166107 ( 17.89%) 158427048 ( 1.78%) 73.14
squid 708217 ( 5.85%) 620842230 ( 6.98%) 876.63
smtp 336062 ( 2.78%) 82399392 ( 0.93%) 245.19
nntp 1 ( 0.00%) 60 ( 0.00%) 60.00
ftp 55613 ( 0.46%) 40783574 ( 0.46%) 733.35
pop3 4073 ( 0.03%) 1792005 ( 0.02%) 439.97
imap 2290 ( 0.02%) 324866 ( 0.00%) 141.86
telnet 2463 ( 0.02%) 163639 ( 0.00%) 66.44
ssh 14501 ( 0.12%) 2049095 ( 0.02%) 141.31
dns 100445 ( 0.83%) 125352805 ( 1.41%) 1247.97
bgp 130 ( 0.00%) 40565 ( 0.00%) 312.04
realaud 20 ( 0.00%) 1665 ( 0.00%) 83.25
rtsp 88 ( 0.00%) 23496 ( 0.00%) 267.00
icecast 83 ( 0.00%) 5194 ( 0.00%) 62.58
hotline 2 ( 0.00%) 124 ( 0.00%) 62.00
other 1409671 ( 11.64%) 831205805 ( 9.34%) 589.65
udp 1627882 ( 13.44%) 472635471 ( 5.31%) 290.34
dns 1076948 ( 8.89%) 223676539 ( 2.51%) 207.69
realaud 126 ( 0.00%) 8877 ( 0.00%) 70.45
halflif 43 ( 0.00%) 4988 ( 0.00%) 116.00
starcra 65 ( 0.00%) 12398 ( 0.00%) 190.74
everque 114 ( 0.00%) 19030 ( 0.00%) 166.93
unreal 18 ( 0.00%) 2989 ( 0.00%) 166.06
quake 14 ( 0.00%) 1372 ( 0.00%) 98.00
cuseeme 6 ( 0.00%) 488 ( 0.00%) 81.33
other 550399 ( 4.55%) 248775218 ( 2.80%) 451.99
icmp 930592 ( 7.69%) 128131012 ( 1.44%) 137.69
ipip 352 ( 0.00%) 42946 ( 0.00%) 122.01
ipsec 110 ( 0.00%) 17412 ( 0.00%) 158.29
ip6 23842 ( 0.20%) 4372219 ( 0.05%) 183.38
other 9760 ( 0.08%) 1299919 ( 0.01%) 133.19
frag 55393 ( 0.46%) 60826406 ( 0.68%) 1098.09
ip6 22319 ( 0.18%) 4895721 ( 0.06%) 219.35
tcp6 7120 ( 0.06%) 2645937 ( 0.03%) 371.62
http(s) 681 ( 0.01%) 674581 ( 0.01%) 990.57
http(c) 2959 ( 0.02%) 264904 ( 0.00%) 89.52
smtp 516 ( 0.00%) 186263 ( 0.00%) 360.97
ftp 22 ( 0.00%) 2066 ( 0.00%) 93.91
bgp 386 ( 0.00%) 33777 ( 0.00%) 87.51
other 2556 ( 0.02%) 1484346 ( 0.02%) 580.73
udp6 10498 ( 0.09%) 1656863 ( 0.02%) 157.83
dns 10443 ( 0.09%) 1650477 ( 0.02%) 158.05
halflif 1 ( 0.00%) 110 ( 0.00%) 110.00
everque 1 ( 0.00%) 105 ( 0.00%) 105.00
quake 1 ( 0.00%) 107 ( 0.00%) 107.00
other 52 ( 0.00%) 6064 ( 0.00%) 116.62
icmp6 4669 ( 0.04%) 588721 ( 0.01%) 126.09
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 2 ( 0.00%) 120 ( 0.00%) 60.00
tcpdump file: 200904010345.dump.gz (296.26 MB)