Traffic Trace Info
DumpFile: 201004130300.dump
FileSize: 1937.00MB
Id: 201004130300
StartTime: Tue Apr 13 03:00:01 2010
EndTime: Tue Apr 13 03:15:00 2010
TotalTime: 899.78 seconds
TotalCapSize: 1514.75MB CapLen: 96 bytes
# of packets: 27670015 (17818.76MB)
AvgRate: 179.89Mbps stddev:29.71M
IP flow (unique src/dst pair) Information
# of flows: 1071552 (avg. 25.82 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 1.0% 0.9% 0.8% 0.8% 0.7% 0.7% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 583350
Top 10 bandwidth usage (bytes/total in %):
17.4% 8.7% 7.7% 7.0% 7.0% 7.0% 6.1% 3.0% 2.9% 2.8%
# of IPv6 addresses: 944
Top 10 bandwidth usage (bytes/total in %):
48.3% 48.3% 13.6% 6.9% 3.7% 3.6% 3.5% 2.6% 2.4% 2.3%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130300.pktlen.png)
detailed numbers
[ 32- 63]: 4569935
[ 64- 127]: 7629405
[ 128- 255]: 2082200
[ 256- 511]: 1369643
[ 512- 1023]: 606025
[ 1024- 2047]: 11412807
Protocol Breakdown
![[protocol breakdown chart]](201004130300.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27670015 (100.00%) 18684319135 (100.00%) 675.26
ip 27614905 ( 99.80%) 18669849555 ( 99.92%) 676.08
tcp 17772100 ( 64.23%) 13741852983 ( 73.55%) 773.23
http(s) 7424410 ( 26.83%) 10383622629 ( 55.57%) 1398.58
http(c) 4066560 ( 14.70%) 392706657 ( 2.10%) 96.57
squid 271830 ( 0.98%) 89345810 ( 0.48%) 328.68
smtp 366372 ( 1.32%) 80236950 ( 0.43%) 219.00
ftp 15827 ( 0.06%) 1452953 ( 0.01%) 91.80
pop3 5962 ( 0.02%) 2714291 ( 0.01%) 455.27
imap 924 ( 0.00%) 380402 ( 0.00%) 411.69
telnet 2500 ( 0.01%) 190874 ( 0.00%) 76.35
ssh 1390352 ( 5.02%) 173039723 ( 0.93%) 124.46
dns 54686 ( 0.20%) 6359848 ( 0.03%) 116.30
bgp 145 ( 0.00%) 60868 ( 0.00%) 419.78
napster 33 ( 0.00%) 2062 ( 0.00%) 62.48
realaud 30 ( 0.00%) 2818 ( 0.00%) 93.93
rtsp 121766 ( 0.44%) 117589864 ( 0.63%) 965.70
icecast 393 ( 0.00%) 27547 ( 0.00%) 70.09
hotline 2 ( 0.00%) 124 ( 0.00%) 62.00
other 4050308 ( 14.64%) 2494119563 ( 13.35%) 615.79
udp 6931555 ( 25.05%) 3645810141 ( 19.51%) 525.97
dns 668811 ( 2.42%) 114932438 ( 0.62%) 171.85
rip 1 ( 0.00%) 75 ( 0.00%) 75.00
realaud 24 ( 0.00%) 3825 ( 0.00%) 159.38
halflif 131 ( 0.00%) 15369 ( 0.00%) 117.32
starcra 249 ( 0.00%) 31711 ( 0.00%) 127.35
everque 22991 ( 0.08%) 5517948 ( 0.03%) 240.00
unreal 47 ( 0.00%) 6052 ( 0.00%) 128.77
quake 16 ( 0.00%) 1815 ( 0.00%) 113.44
cuseeme 3 ( 0.00%) 277 ( 0.00%) 92.33
other 6239032 ( 22.55%) 3525153419 ( 18.87%) 565.02
icmp 755743 ( 2.73%) 114505588 ( 0.61%) 151.51
ipip 314 ( 0.00%) 37328 ( 0.00%) 118.88
ipsec 2887 ( 0.01%) 1093714 ( 0.01%) 378.84
ip6 2128048 ( 7.69%) 1148350438 ( 6.15%) 539.63
other 24258 ( 0.09%) 18199363 ( 0.10%) 750.24
frag 1446 ( 0.01%) 1503113 ( 0.01%) 1039.50
ip6 55110 ( 0.20%) 14469580 ( 0.08%) 262.56
tcp6 21385 ( 0.08%) 8244741 ( 0.04%) 385.54
http(s) 18 ( 0.00%) 7365 ( 0.00%) 409.17
http(c) 5650 ( 0.02%) 515579 ( 0.00%) 91.25
smtp 8880 ( 0.03%) 7075568 ( 0.04%) 796.80
ftp 31 ( 0.00%) 2914 ( 0.00%) 94.00
imap 64 ( 0.00%) 8643 ( 0.00%) 135.05
ssh 2899 ( 0.01%) 240474 ( 0.00%) 82.95
dns 112 ( 0.00%) 28511 ( 0.00%) 254.56
bgp 98 ( 0.00%) 13985 ( 0.00%) 142.70
other 3633 ( 0.01%) 351702 ( 0.00%) 96.81
udp6 27330 ( 0.10%) 5402279 ( 0.03%) 197.67
dns 27016 ( 0.10%) 5344755 ( 0.03%) 197.84
realaud 1 ( 0.00%) 116 ( 0.00%) 116.00
other 313 ( 0.00%) 57408 ( 0.00%) 183.41
icmp6 6314 ( 0.02%) 772839 ( 0.00%) 122.40
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 51 ( 0.00%) 45641 ( 0.00%) 894.92
tcpdump file: 201004130300.dump.gz (731.18 MB)