Traffic Trace Info
DumpFile: 201004130315.dump
FileSize: 2076.43MB
Id: 201004130315
StartTime: Tue Apr 13 03:15:00 2010
EndTime: Tue Apr 13 03:30:01 2010
TotalTime: 900.13 seconds
TotalCapSize: 1623.88MB CapLen: 96 bytes
# of packets: 29654871 (18846.26MB)
AvgRate: 177.50Mbps stddev:19.08M
IP flow (unique src/dst pair) Information
# of flows: 1070626 (avg. 27.70 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.2% 1.2% 1.2% 0.7% 0.6% 0.5% 0.5% 0.5% 0.5% 0.4%
IP address Information
# of IPv4 addresses: 585514
Top 10 bandwidth usage (bytes/total in %):
17.5% 8.2% 7.3% 7.2% 6.7% 6.5% 6.5% 3.8% 3.3% 2.9%
# of IPv6 addresses: 946
Top 10 bandwidth usage (bytes/total in %):
28.7% 12.4% 7.9% 7.3% 6.6% 5.1% 3.1% 3.1% 3.0% 2.7%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130315.pktlen.png)
detailed numbers
[ 32- 63]: 4767536
[ 64- 127]: 8301147
[ 128- 255]: 2292837
[ 256- 511]: 1618552
[ 512- 1023]: 707898
[ 1024- 2047]: 11966901
Protocol Breakdown
![[protocol breakdown chart]](201004130315.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29654871 (100.00%) 19761738691 (100.00%) 666.39
ip 29607884 ( 99.84%) 19754220412 ( 99.96%) 667.19
tcp 18743966 ( 63.21%) 14451529449 ( 73.13%) 771.00
http(s) 8063394 ( 27.19%) 11266877207 ( 57.01%) 1397.29
http(c) 4393885 ( 14.82%) 423374091 ( 2.14%) 96.36
squid 297581 ( 1.00%) 107346791 ( 0.54%) 360.73
smtp 380776 ( 1.28%) 71674478 ( 0.36%) 188.23
nntp 589 ( 0.00%) 35340 ( 0.00%) 60.00
ftp 17522 ( 0.06%) 1810520 ( 0.01%) 103.33
pop3 7074 ( 0.02%) 3956201 ( 0.02%) 559.26
imap 1350 ( 0.00%) 630904 ( 0.00%) 467.34
telnet 2451 ( 0.01%) 176407 ( 0.00%) 71.97
ssh 1414646 ( 4.77%) 179696629 ( 0.91%) 127.03
dns 62764 ( 0.21%) 9367614 ( 0.05%) 149.25
bgp 127 ( 0.00%) 37624 ( 0.00%) 296.25
napster 23 ( 0.00%) 1464 ( 0.00%) 63.65
realaud 35 ( 0.00%) 11764 ( 0.00%) 336.11
rtsp 71 ( 0.00%) 4986 ( 0.00%) 70.23
icecast 335 ( 0.00%) 21497 ( 0.00%) 64.17
hotline 28 ( 0.00%) 1858 ( 0.00%) 66.36
other 4101313 ( 13.83%) 2386503954 ( 12.08%) 581.89
udp 7616891 ( 25.69%) 3867062318 ( 19.57%) 507.70
dns 723910 ( 2.44%) 130933957 ( 0.66%) 180.87
realaud 21 ( 0.00%) 3394 ( 0.00%) 161.62
halflif 126 ( 0.00%) 21777 ( 0.00%) 172.83
starcra 401 ( 0.00%) 49440 ( 0.00%) 123.29
everque 1975 ( 0.01%) 199472 ( 0.00%) 101.00
unreal 66 ( 0.00%) 8562 ( 0.00%) 129.73
quake 77 ( 0.00%) 7628 ( 0.00%) 99.06
cuseeme 16 ( 0.00%) 1647 ( 0.00%) 102.94
other 6889942 ( 23.23%) 3735653433 ( 18.90%) 542.19
icmp 842375 ( 2.84%) 127291818 ( 0.64%) 151.11
ipip 329 ( 0.00%) 41250 ( 0.00%) 125.38
ipsec 2619 ( 0.01%) 997950 ( 0.01%) 381.04
ip6 2380296 ( 8.03%) 1290859699 ( 6.53%) 542.31
other 21408 ( 0.07%) 16437928 ( 0.08%) 767.84
frag 1957 ( 0.01%) 1991847 ( 0.01%) 1017.81
ip6 46987 ( 0.16%) 7518279 ( 0.04%) 160.01
tcp6 10933 ( 0.04%) 1205629 ( 0.01%) 110.27
http(s) 142 ( 0.00%) 102478 ( 0.00%) 721.68
http(c) 5518 ( 0.02%) 513843 ( 0.00%) 93.12
squid 2 ( 0.00%) 148 ( 0.00%) 74.00
smtp 173 ( 0.00%) 80160 ( 0.00%) 463.35
imap 68 ( 0.00%) 9119 ( 0.00%) 134.10
ssh 2998 ( 0.01%) 251512 ( 0.00%) 83.89
dns 126 ( 0.00%) 30689 ( 0.00%) 243.56
bgp 111 ( 0.00%) 14343 ( 0.00%) 129.22
icecast 1 ( 0.00%) 74 ( 0.00%) 74.00
other 1794 ( 0.01%) 203263 ( 0.00%) 113.30
udp6 28859 ( 0.10%) 5397533 ( 0.03%) 187.03
dns 28455 ( 0.10%) 5325228 ( 0.03%) 187.15
halflif 1 ( 0.00%) 101 ( 0.00%) 101.00
starcra 1 ( 0.00%) 119 ( 0.00%) 119.00
other 402 ( 0.00%) 72085 ( 0.00%) 179.32
icmp6 7115 ( 0.02%) 863507 ( 0.00%) 121.36
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 50 ( 0.00%) 47530 ( 0.00%) 950.60
tcpdump file: 201004130315.dump.gz (781.82 MB)