Traffic Trace Info
DumpFile: 200904012200.dump
FileSize: 1157.49MB
Id: 200904012200
StartTime: Wed Apr 1 22:00:00 2009
EndTime: Wed Apr 1 22:15:01 2009
TotalTime: 900.30 seconds
TotalCapSize: 902.53MB CapLen: 96 bytes
# of packets: 16696317 (11559.32MB)
AvgRate: 107.71Mbps stddev:11.38M
IP flow (unique src/dst pair) Information
# of flows: 868428 (avg. 19.23 pkts/flow)
Top 10 big flow size (bytes/total in %):
9.3% 3.4% 2.6% 1.6% 1.5% 1.3% 1.3% 1.0% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 545782
Top 10 bandwidth usage (bytes/total in %):
15.2% 13.2% 10.5% 9.3% 8.9% 5.8% 3.7% 3.4% 2.9% 2.6%
# of IPv6 addresses: 2662
Top 10 bandwidth usage (bytes/total in %):
67.2% 64.2% 11.0% 7.6% 5.8% 4.7% 3.4% 3.0% 1.6% 1.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](200904012200.pktlen.png)
detailed numbers
[ 32- 63]: 3562731
[ 64- 127]: 3664050
[ 128- 255]: 1017822
[ 256- 511]: 415780
[ 512- 1023]: 371504
[ 1024- 2047]: 7664430
Protocol Breakdown
![[protocol breakdown chart]](200904012200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 16696317 (100.00%) 12120827053 (100.00%) 725.96
ip 16642368 ( 99.68%) 12093747640 ( 99.78%) 726.68
tcp 13072004 ( 78.29%) 11112265287 ( 91.68%) 850.08
http(s) 6515313 ( 39.02%) 8842501563 ( 72.95%) 1357.19
http(c) 3178272 ( 19.04%) 262136711 ( 2.16%) 82.48
squid 640278 ( 3.83%) 457567799 ( 3.78%) 714.64
smtp 326469 ( 1.96%) 69815750 ( 0.58%) 213.85
nntp 2 ( 0.00%) 120 ( 0.00%) 60.00
ftp 80082 ( 0.48%) 54448214 ( 0.45%) 679.91
pop3 11477 ( 0.07%) 8485040 ( 0.07%) 739.31
imap 6774 ( 0.04%) 4276801 ( 0.04%) 631.36
telnet 13057 ( 0.08%) 3049069 ( 0.03%) 233.52
ssh 69684 ( 0.42%) 17547358 ( 0.14%) 251.81
dns 20168 ( 0.12%) 5598782 ( 0.05%) 277.61
bgp 135 ( 0.00%) 50587 ( 0.00%) 374.72
napster 163 ( 0.00%) 15570 ( 0.00%) 95.52
realaud 15 ( 0.00%) 1092 ( 0.00%) 72.80
rtsp 281 ( 0.00%) 48459 ( 0.00%) 172.45
icecast 450 ( 0.00%) 64792 ( 0.00%) 143.98
hotline 9 ( 0.00%) 577 ( 0.00%) 64.11
other 2209337 ( 13.23%) 1386654723 ( 11.44%) 627.63
udp 2702405 ( 16.19%) 854090551 ( 7.05%) 316.05
dns 1249462 ( 7.48%) 256139023 ( 2.11%) 205.00
realaud 2725 ( 0.02%) 163782 ( 0.00%) 60.10
halflif 1371 ( 0.01%) 105849 ( 0.00%) 77.21
starcra 36 ( 0.00%) 6265 ( 0.00%) 174.03
everque 59 ( 0.00%) 11156 ( 0.00%) 189.08
unreal 18 ( 0.00%) 4053 ( 0.00%) 225.17
quake 21 ( 0.00%) 2699 ( 0.00%) 128.52
cuseeme 8 ( 0.00%) 971 ( 0.00%) 121.38
other 1448500 ( 8.68%) 597484388 ( 4.93%) 412.48
icmp 720957 ( 4.32%) 101804422 ( 0.84%) 141.21
ipip 312 ( 0.00%) 39296 ( 0.00%) 125.95
ip6 30006 ( 0.18%) 6319664 ( 0.05%) 210.61
other 116684 ( 0.70%) 19228420 ( 0.16%) 164.79
frag 51697 ( 0.31%) 57960304 ( 0.48%) 1121.15
ip6 53949 ( 0.32%) 27079413 ( 0.22%) 501.94
tcp6 29228 ( 0.18%) 22596258 ( 0.19%) 773.10
http(s) 3119 ( 0.02%) 2110924 ( 0.02%) 676.80
http(c) 5421 ( 0.03%) 1113094 ( 0.01%) 205.33
smtp 279 ( 0.00%) 105067 ( 0.00%) 376.58
ftp 2353 ( 0.01%) 243213 ( 0.00%) 103.36
imap 518 ( 0.00%) 302331 ( 0.00%) 583.65
ssh 1685 ( 0.01%) 167786 ( 0.00%) 99.58
dns 18 ( 0.00%) 2003 ( 0.00%) 111.28
bgp 390 ( 0.00%) 34501 ( 0.00%) 88.46
other 15445 ( 0.09%) 18517339 ( 0.15%) 1198.92
udp6 18495 ( 0.11%) 3270598 ( 0.03%) 176.84
dns 14876 ( 0.09%) 2238109 ( 0.02%) 150.45
everque 2 ( 0.00%) 210 ( 0.00%) 105.00
quake 1 ( 0.00%) 104 ( 0.00%) 104.00
other 3616 ( 0.02%) 1032175 ( 0.01%) 285.45
icmp6 5696 ( 0.03%) 727699 ( 0.01%) 127.76
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 500 ( 0.00%) 480778 ( 0.00%) 961.56
tcpdump file: 200904012200.dump.gz (414.33 MB)