Traffic Trace Info
DumpFile: 201004130115.dump
FileSize: 2543.26MB
Id: 201004130115
StartTime: Tue Apr 13 01:15:01 2010
EndTime: Tue Apr 13 01:30:00 2010
TotalTime: 899.48 seconds
TotalCapSize: 1993.98MB CapLen: 96 bytes
# of packets: 35996326 (23472.13MB)
AvgRate: 218.96Mbps stddev:31.41M
IP flow (unique src/dst pair) Information
# of flows: 1201630 (avg. 29.96 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 3.3% 3.3% 3.3% 1.3% 1.0% 0.9% 0.9% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 648223
Top 10 bandwidth usage (bytes/total in %):
14.9% 13.7% 9.9% 8.4% 7.8% 5.9% 3.5% 3.4% 3.4% 3.4%
# of IPv6 addresses: 969
Top 10 bandwidth usage (bytes/total in %):
22.5% 22.5% 21.6% 6.8% 5.9% 4.8% 3.8% 3.3% 2.7% 2.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130115.pktlen.png)
detailed numbers
[ 32- 63]: 5320904
[ 64- 127]: 10811750
[ 128- 255]: 2499554
[ 256- 511]: 1582031
[ 512- 1023]: 652769
[ 1024- 2047]: 15129318
Protocol Breakdown
![[protocol breakdown chart]](201004130115.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35996326 (100.00%) 24612309922 (100.00%) 683.75
ip 35942504 ( 99.85%) 24602371454 ( 99.96%) 684.49
tcp 23960987 ( 66.57%) 18637972965 ( 75.73%) 777.85
http(s) 11259940 ( 31.28%) 15980710490 ( 64.93%) 1419.25
http(c) 6843568 ( 19.01%) 612647640 ( 2.49%) 89.52
squid 318779 ( 0.89%) 124722548 ( 0.51%) 391.25
smtp 621403 ( 1.73%) 193159723 ( 0.78%) 310.84
ftp 83172 ( 0.23%) 7042541 ( 0.03%) 84.67
pop3 11632 ( 0.03%) 8480567 ( 0.03%) 729.07
imap 2138 ( 0.01%) 936958 ( 0.00%) 438.24
telnet 214 ( 0.00%) 33735 ( 0.00%) 157.64
ssh 1593873 ( 4.43%) 191777649 ( 0.78%) 120.32
dns 53506 ( 0.15%) 3661728 ( 0.01%) 68.44
bgp 140 ( 0.00%) 43463 ( 0.00%) 310.45
napster 58 ( 0.00%) 6335 ( 0.00%) 109.22
realaud 16 ( 0.00%) 2836 ( 0.00%) 177.25
rtsp 253 ( 0.00%) 54429 ( 0.00%) 215.13
icecast 1828 ( 0.01%) 204116 ( 0.00%) 111.66
hotline 25 ( 0.00%) 1910 ( 0.00%) 76.40
other 3170435 ( 8.81%) 1514485877 ( 6.15%) 477.69
udp 8272743 ( 22.98%) 4333471719 ( 17.61%) 523.83
dns 797418 ( 2.22%) 137841393 ( 0.56%) 172.86
realaud 1589 ( 0.00%) 97236 ( 0.00%) 61.19
halflif 179 ( 0.00%) 21679 ( 0.00%) 121.11
starcra 347 ( 0.00%) 45379 ( 0.00%) 130.78
everque 565 ( 0.00%) 130830 ( 0.00%) 231.56
unreal 57 ( 0.00%) 7884 ( 0.00%) 138.32
quake 22 ( 0.00%) 2397 ( 0.00%) 108.95
cuseeme 5 ( 0.00%) 483 ( 0.00%) 96.60
other 7472261 ( 20.76%) 4195184636 ( 17.05%) 561.43
icmp 819655 ( 2.28%) 124641962 ( 0.51%) 152.07
ipip 303 ( 0.00%) 35450 ( 0.00%) 117.00
ipsec 1372 ( 0.00%) 371832 ( 0.00%) 271.01
ip6 2682578 ( 7.45%) 1466143258 ( 5.96%) 546.54
other 204866 ( 0.57%) 39734268 ( 0.16%) 193.95
frag 1586 ( 0.00%) 1613817 ( 0.01%) 1017.54
ip6 53822 ( 0.15%) 9938468 ( 0.04%) 184.65
tcp6 17891 ( 0.05%) 3573495 ( 0.01%) 199.74
http(s) 169 ( 0.00%) 135511 ( 0.00%) 801.84
http(c) 6454 ( 0.02%) 568965 ( 0.00%) 88.16
smtp 160 ( 0.00%) 47958 ( 0.00%) 299.74
imap 224 ( 0.00%) 26523 ( 0.00%) 118.41
ssh 3181 ( 0.01%) 264126 ( 0.00%) 83.03
dns 137 ( 0.00%) 42650 ( 0.00%) 311.31
bgp 107 ( 0.00%) 13770 ( 0.00%) 128.69
other 7459 ( 0.02%) 2473992 ( 0.01%) 331.68
udp6 28856 ( 0.08%) 5488846 ( 0.02%) 190.22
dns 28495 ( 0.08%) 5421287 ( 0.02%) 190.25
other 361 ( 0.00%) 67559 ( 0.00%) 187.14
icmp6 7016 ( 0.02%) 844552 ( 0.00%) 120.38
pim6 29 ( 0.00%) 3944 ( 0.00%) 136.00
other6 30 ( 0.00%) 27631 ( 0.00%) 921.03
tcpdump file: 201004130115.dump.gz (950.47 MB)