Traffic Trace Info
DumpFile: 201004130200.dump
FileSize: 2517.86MB
Id: 201004130200
StartTime: Tue Apr 13 02:00:01 2010
EndTime: Tue Apr 13 02:15:01 2010
TotalTime: 899.31 seconds
TotalCapSize: 1972.94MB CapLen: 96 bytes
# of packets: 35705740 (23298.67MB)
AvgRate: 217.33Mbps stddev:23.74M
IP flow (unique src/dst pair) Information
# of flows: 1210178 (avg. 29.50 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.4% 2.1% 1.8% 1.7% 1.6% 1.3% 1.2% 1.1% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 647276
Top 10 bandwidth usage (bytes/total in %):
14.4% 10.9% 10.0% 9.0% 8.6% 5.4% 5.0% 2.5% 2.5% 2.5%
# of IPv6 addresses: 995
Top 10 bandwidth usage (bytes/total in %):
26.7% 9.6% 7.3% 7.0% 4.4% 4.3% 3.2% 3.2% 3.0% 2.9%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130200.pktlen.png)
detailed numbers
[ 32- 63]: 5673666
[ 64- 127]: 10216515
[ 128- 255]: 2591585
[ 256- 511]: 1551320
[ 512- 1023]: 730225
[ 1024- 2047]: 14942429
Protocol Breakdown
![[protocol breakdown chart]](201004130200.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 35705740 (100.00%) 24430421434 (100.00%) 684.22
ip 35655020 ( 99.86%) 24422227357 ( 99.97%) 684.96
tcp 24195712 ( 67.76%) 18917667020 ( 77.43%) 781.86
http(s) 11089559 ( 31.06%) 15626891645 ( 63.96%) 1409.15
http(c) 6455452 ( 18.08%) 579721495 ( 2.37%) 89.80
squid 278199 ( 0.78%) 73365098 ( 0.30%) 263.71
smtp 491936 ( 1.38%) 161432224 ( 0.66%) 328.16
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 24856 ( 0.07%) 2202080 ( 0.01%) 88.59
pop3 14428 ( 0.04%) 11530439 ( 0.05%) 799.17
imap 2305 ( 0.01%) 1249423 ( 0.01%) 542.05
telnet 879 ( 0.00%) 91378 ( 0.00%) 103.96
ssh 1640073 ( 4.59%) 205468794 ( 0.84%) 125.28
dns 55957 ( 0.16%) 3883618 ( 0.02%) 69.40
bgp 378 ( 0.00%) 229128 ( 0.00%) 606.16
napster 18 ( 0.00%) 1178 ( 0.00%) 65.44
realaud 40 ( 0.00%) 4140 ( 0.00%) 103.50
rtsp 101 ( 0.00%) 6906 ( 0.00%) 68.38
icecast 724 ( 0.00%) 54661 ( 0.00%) 75.50
hotline 26 ( 0.00%) 2586 ( 0.00%) 99.46
other 4140775 ( 11.60%) 2251531867 ( 9.22%) 543.75
udp 7899906 ( 22.13%) 4006630207 ( 16.40%) 507.17
dns 763452 ( 2.14%) 131066878 ( 0.54%) 171.68
realaud 29 ( 0.00%) 2989 ( 0.00%) 103.07
halflif 193 ( 0.00%) 20461 ( 0.00%) 106.02
starcra 368 ( 0.00%) 44056 ( 0.00%) 119.72
everque 14417 ( 0.04%) 3086469 ( 0.01%) 214.09
unreal 57 ( 0.00%) 7026 ( 0.00%) 123.26
quake 37 ( 0.00%) 3423 ( 0.00%) 92.51
cuseeme 12 ( 0.00%) 1233 ( 0.00%) 102.75
other 7121164 ( 19.94%) 3872290954 ( 15.85%) 543.77
icmp 856338 ( 2.40%) 129188840 ( 0.53%) 150.86
ipip 363 ( 0.00%) 43950 ( 0.00%) 121.07
ipsec 4389 ( 0.01%) 2016230 ( 0.01%) 459.38
ip6 2537090 ( 7.11%) 1330285597 ( 5.45%) 524.34
other 161222 ( 0.45%) 36395513 ( 0.15%) 225.75
frag 1290 ( 0.00%) 1326042 ( 0.01%) 1027.94
ip6 50720 ( 0.14%) 8194077 ( 0.03%) 161.56
tcp6 14924 ( 0.04%) 1596793 ( 0.01%) 106.99
http(s) 22 ( 0.00%) 8204 ( 0.00%) 372.91
http(c) 8811 ( 0.02%) 800802 ( 0.00%) 90.89
smtp 449 ( 0.00%) 224163 ( 0.00%) 499.25
imap 105 ( 0.00%) 15258 ( 0.00%) 145.31
ssh 3207 ( 0.01%) 265922 ( 0.00%) 82.92
dns 129 ( 0.00%) 31426 ( 0.00%) 243.61
bgp 108 ( 0.00%) 13662 ( 0.00%) 126.50
other 2093 ( 0.01%) 237356 ( 0.00%) 113.40
udp6 28514 ( 0.08%) 5632173 ( 0.02%) 197.52
dns 28083 ( 0.08%) 5552772 ( 0.02%) 197.73
everque 1 ( 0.00%) 110 ( 0.00%) 110.00
other 430 ( 0.00%) 79291 ( 0.00%) 184.40
icmp6 7160 ( 0.02%) 884772 ( 0.00%) 123.57
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 92 ( 0.00%) 76259 ( 0.00%) 828.90
tcpdump file: 201004130200.dump.gz (937.28 MB)