Traffic Trace Info
DumpFile: 201004130230.dump
FileSize: 2254.53MB
Id: 201004130230
StartTime: Tue Apr 13 02:30:01 2010
EndTime: Tue Apr 13 02:45:01 2010
TotalTime: 900.14 seconds
TotalCapSize: 1763.41MB CapLen: 96 bytes
# of packets: 32183990 (20510.85MB)
AvgRate: 191.14Mbps stddev:14.95M
IP flow (unique src/dst pair) Information
# of flows: 1092754 (avg. 29.45 pkts/flow)
Top 10 big flow size (bytes/total in %):
4.0% 3.2% 2.1% 1.0% 0.9% 0.7% 0.6% 0.6% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 591225
Top 10 bandwidth usage (bytes/total in %):
16.5% 9.8% 8.2% 7.0% 6.1% 6.0% 6.0% 4.1% 3.2% 3.1%
# of IPv6 addresses: 978
Top 10 bandwidth usage (bytes/total in %):
28.6% 8.2% 7.7% 6.5% 4.2% 4.0% 3.0% 3.0% 2.9% 2.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130230.pktlen.png)
detailed numbers
[ 32- 63]: 5278191
[ 64- 127]: 9121992
[ 128- 255]: 2480074
[ 256- 511]: 1540831
[ 512- 1023]: 646799
[ 1024- 2047]: 13116103
Protocol Breakdown
![[protocol breakdown chart]](201004130230.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 32183990 (100.00%) 21507189447 (100.00%) 668.26
ip 32135895 ( 99.85%) 21499540350 ( 99.96%) 669.02
tcp 20728434 ( 64.41%) 16083533422 ( 74.78%) 775.92
http(s) 8525527 ( 26.49%) 11928903741 ( 55.46%) 1399.20
http(c) 4809454 ( 14.94%) 476352866 ( 2.21%) 99.05
squid 256722 ( 0.80%) 78828871 ( 0.37%) 307.06
smtp 595573 ( 1.85%) 154987738 ( 0.72%) 260.23
ftp 19644 ( 0.06%) 2352092 ( 0.01%) 119.74
pop3 7755 ( 0.02%) 4831089 ( 0.02%) 622.96
imap 1263 ( 0.00%) 666040 ( 0.00%) 527.35
telnet 1872 ( 0.01%) 154187 ( 0.00%) 82.36
ssh 1674467 ( 5.20%) 209396911 ( 0.97%) 125.05
dns 58002 ( 0.18%) 3960077 ( 0.02%) 68.27
bgp 173 ( 0.00%) 67912 ( 0.00%) 392.55
napster 77 ( 0.00%) 12001 ( 0.00%) 155.86
realaud 38 ( 0.00%) 5628 ( 0.00%) 148.11
rtsp 65 ( 0.00%) 4622 ( 0.00%) 71.11
icecast 302 ( 0.00%) 18890 ( 0.00%) 62.55
hotline 4 ( 0.00%) 242 ( 0.00%) 60.50
other 4777495 ( 14.84%) 3222990455 ( 14.99%) 674.62
udp 7780224 ( 24.17%) 3929553744 ( 18.27%) 505.07
dns 764192 ( 2.37%) 132610786 ( 0.62%) 173.53
rip 1 ( 0.00%) 109 ( 0.00%) 109.00
realaud 21 ( 0.00%) 2669 ( 0.00%) 127.10
halflif 140 ( 0.00%) 16525 ( 0.00%) 118.04
starcra 285 ( 0.00%) 35153 ( 0.00%) 123.34
everque 15777 ( 0.05%) 3544250 ( 0.02%) 224.65
unreal 53 ( 0.00%) 7146 ( 0.00%) 134.83
quake 26 ( 0.00%) 3533 ( 0.00%) 135.88
cuseeme 6 ( 0.00%) 550 ( 0.00%) 91.67
other 6999423 ( 21.75%) 3793147067 ( 17.64%) 541.92
icmp 835951 ( 2.60%) 125745735 ( 0.58%) 150.42
ipip 358 ( 0.00%) 43210 ( 0.00%) 120.70
ipsec 3354 ( 0.01%) 1454976 ( 0.01%) 433.80
ip6 2565977 ( 7.97%) 1321724881 ( 6.15%) 515.10
other 221597 ( 0.69%) 37484382 ( 0.17%) 169.16
frag 1934 ( 0.01%) 2026244 ( 0.01%) 1047.70
ip6 48093 ( 0.15%) 7648977 ( 0.04%) 159.05
tcp6 13062 ( 0.04%) 1464367 ( 0.01%) 112.11
http(s) 38 ( 0.00%) 18615 ( 0.00%) 489.87
http(c) 7109 ( 0.02%) 763817 ( 0.00%) 107.44
smtp 374 ( 0.00%) 138022 ( 0.00%) 369.04
imap 136 ( 0.00%) 19407 ( 0.00%) 142.70
ssh 3221 ( 0.01%) 267014 ( 0.00%) 82.90
dns 114 ( 0.00%) 29182 ( 0.00%) 255.98
bgp 95 ( 0.00%) 11462 ( 0.00%) 120.65
other 1975 ( 0.01%) 216848 ( 0.00%) 109.80
udp6 27902 ( 0.09%) 5294853 ( 0.02%) 189.77
dns 27510 ( 0.09%) 5222298 ( 0.02%) 189.83
other 392 ( 0.00%) 72555 ( 0.00%) 185.09
icmp6 7062 ( 0.02%) 849102 ( 0.00%) 120.24
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 36 ( 0.00%) 36439 ( 0.00%) 1012.19
tcpdump file: 201004130230.dump.gz (846.71 MB)