Traffic Trace Info
DumpFile: 201004130330.dump
FileSize: 2084.52MB
Id: 201004130330
StartTime: Tue Apr 13 03:30:01 2010
EndTime: Tue Apr 13 03:45:01 2010
TotalTime: 900.57 seconds
TotalCapSize: 1627.84MB CapLen: 96 bytes
# of packets: 29928505 (18884.22MB)
AvgRate: 175.90Mbps stddev:13.04M
IP flow (unique src/dst pair) Information
# of flows: 1075876 (avg. 27.82 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.9% 1.1% 1.1% 1.0% 0.6% 0.6% 0.5% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 587101
Top 10 bandwidth usage (bytes/total in %):
19.9% 7.8% 7.5% 7.4% 6.8% 6.7% 5.4% 3.1% 3.0% 3.0%
# of IPv6 addresses: 952
Top 10 bandwidth usage (bytes/total in %):
27.6% 12.4% 7.5% 7.4% 6.9% 5.2% 3.3% 2.9% 2.9% 2.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130330.pktlen.png)
detailed numbers
[ 32- 63]: 4595359
[ 64- 127]: 8373174
[ 128- 255]: 2528984
[ 256- 511]: 1671201
[ 512- 1023]: 738823
[ 1024- 2047]: 12020964
Protocol Breakdown
![[protocol breakdown chart]](201004130330.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 29928505 (100.00%) 19801535375 (100.00%) 661.63
ip 29879824 ( 99.84%) 19793581125 ( 99.96%) 662.44
tcp 18021120 ( 60.21%) 13789909820 ( 69.64%) 765.21
http(s) 7710132 ( 25.76%) 10722995542 ( 54.15%) 1390.77
http(c) 4247527 ( 14.19%) 420656564 ( 2.12%) 99.04
squid 290334 ( 0.97%) 97054484 ( 0.49%) 334.29
smtp 459985 ( 1.54%) 147914529 ( 0.75%) 321.56
ftp 18970 ( 0.06%) 1904990 ( 0.01%) 100.42
pop3 7264 ( 0.02%) 3916710 ( 0.02%) 539.19
imap 1267 ( 0.00%) 663164 ( 0.00%) 523.41
telnet 2199 ( 0.01%) 176111 ( 0.00%) 80.09
ssh 1254069 ( 4.19%) 161144748 ( 0.81%) 128.50
dns 58007 ( 0.19%) 4827387 ( 0.02%) 83.22
bgp 138 ( 0.00%) 37803 ( 0.00%) 273.93
napster 18 ( 0.00%) 1723 ( 0.00%) 95.72
realaud 49 ( 0.00%) 5831 ( 0.00%) 119.00
rtsp 73 ( 0.00%) 5274 ( 0.00%) 72.25
icecast 299 ( 0.00%) 20347 ( 0.00%) 68.05
other 3970784 ( 13.27%) 2228584313 ( 11.25%) 561.25
udp 8410575 ( 28.10%) 4468085693 ( 22.56%) 531.25
dns 747373 ( 2.50%) 135219249 ( 0.68%) 180.93
realaud 61 ( 0.00%) 5661 ( 0.00%) 92.80
halflif 115 ( 0.00%) 15418 ( 0.00%) 134.07
starcra 338 ( 0.00%) 40934 ( 0.00%) 121.11
everque 79261 ( 0.26%) 9076581 ( 0.05%) 114.52
unreal 64 ( 0.00%) 8822 ( 0.00%) 137.84
quake 47 ( 0.00%) 4210 ( 0.00%) 89.57
cuseeme 10 ( 0.00%) 820 ( 0.00%) 82.00
other 7583005 ( 25.34%) 4323554065 ( 21.83%) 570.16
icmp 898340 ( 3.00%) 131276804 ( 0.66%) 146.13
ipip 344 ( 0.00%) 41196 ( 0.00%) 119.76
ipsec 5190 ( 0.02%) 1817872 ( 0.01%) 350.26
ip6 2496421 ( 8.34%) 1352662926 ( 6.83%) 541.84
other 47834 ( 0.16%) 49786814 ( 0.25%) 1040.82
frag 1865 ( 0.01%) 1872150 ( 0.01%) 1003.83
ip6 48681 ( 0.16%) 7954250 ( 0.04%) 163.40
tcp6 11756 ( 0.04%) 1503009 ( 0.01%) 127.85
http(s) 241 ( 0.00%) 182424 ( 0.00%) 756.95
http(c) 5425 ( 0.02%) 501128 ( 0.00%) 92.37
smtp 580 ( 0.00%) 247356 ( 0.00%) 426.48
ftp 13 ( 0.00%) 1060 ( 0.00%) 81.54
imap 107 ( 0.00%) 15012 ( 0.00%) 140.30
ssh 3224 ( 0.01%) 267320 ( 0.00%) 82.92
dns 98 ( 0.00%) 23789 ( 0.00%) 242.74
bgp 102 ( 0.00%) 12652 ( 0.00%) 124.04
other 1966 ( 0.01%) 252268 ( 0.00%) 128.32
udp6 29874 ( 0.10%) 5590812 ( 0.03%) 187.15
dns 29309 ( 0.10%) 5493367 ( 0.03%) 187.43
other 565 ( 0.00%) 97445 ( 0.00%) 172.47
icmp6 6990 ( 0.02%) 829602 ( 0.00%) 118.68
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 30 ( 0.00%) 26611 ( 0.00%) 887.03
tcpdump file: 201004130330.dump.gz (782.16 MB)