Traffic Trace Info
DumpFile: 201004130400.dump
FileSize: 2194.31MB
Id: 201004130400
StartTime: Tue Apr 13 04:00:00 2010
EndTime: Tue Apr 13 04:15:01 2010
TotalTime: 900.22 seconds
TotalCapSize: 1714.00MB CapLen: 96 bytes
# of packets: 31475970 (20435.65MB)
AvgRate: 190.43Mbps stddev:12.00M
IP flow (unique src/dst pair) Information
# of flows: 1171608 (avg. 26.87 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.8% 1.7% 1.4% 1.4% 1.3% 1.1% 1.0% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 626562
Top 10 bandwidth usage (bytes/total in %):
17.3% 9.1% 8.5% 6.6% 6.5% 6.5% 6.2% 5.3% 2.9% 2.7%
# of IPv6 addresses: 1002
Top 10 bandwidth usage (bytes/total in %):
20.5% 14.6% 9.8% 7.2% 5.5% 5.4% 4.9% 4.7% 4.6% 4.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130400.pktlen.png)
detailed numbers
[ 32- 63]: 5504220
[ 64- 127]: 8174709
[ 128- 255]: 2401811
[ 256- 511]: 1606046
[ 512- 1023]: 675589
[ 1024- 2047]: 13113595
Protocol Breakdown
![[protocol breakdown chart]](201004130400.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 31475970 (100.00%) 21428335039 (100.00%) 680.78
ip 31417792 ( 99.82%) 21417627910 ( 99.95%) 681.70
tcp 20086628 ( 63.82%) 15644684075 ( 73.01%) 778.86
http(s) 9117895 ( 28.97%) 12878786628 ( 60.10%) 1412.47
http(c) 5088309 ( 16.17%) 463201328 ( 2.16%) 91.03
squid 269857 ( 0.86%) 81922009 ( 0.38%) 303.58
smtp 384698 ( 1.22%) 94708872 ( 0.44%) 246.19
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 19430 ( 0.06%) 1831792 ( 0.01%) 94.28
pop3 8439 ( 0.03%) 5391929 ( 0.03%) 638.93
imap 1264 ( 0.00%) 674539 ( 0.00%) 533.65
telnet 2549 ( 0.01%) 199819 ( 0.00%) 78.39
ssh 1427628 ( 4.54%) 184939218 ( 0.86%) 129.54
dns 59432 ( 0.19%) 4026762 ( 0.02%) 67.75
bgp 150 ( 0.00%) 60240 ( 0.00%) 401.60
napster 2 ( 0.00%) 132 ( 0.00%) 66.00
realaud 30 ( 0.00%) 2765 ( 0.00%) 92.17
rtsp 80 ( 0.00%) 5548 ( 0.00%) 69.35
icecast 336 ( 0.00%) 25549 ( 0.00%) 76.04
hotline 27 ( 0.00%) 1801 ( 0.00%) 66.70
other 3706497 ( 11.78%) 1928904844 ( 9.00%) 520.41
udp 7823124 ( 24.85%) 4204606751 ( 19.62%) 537.46
dns 720624 ( 2.29%) 124935454 ( 0.58%) 173.37
realaud 28 ( 0.00%) 4050 ( 0.00%) 144.64
halflif 125 ( 0.00%) 16142 ( 0.00%) 129.14
starcra 287 ( 0.00%) 36092 ( 0.00%) 125.76
everque 393 ( 0.00%) 73599 ( 0.00%) 187.27
unreal 45 ( 0.00%) 6197 ( 0.00%) 137.71
quake 30 ( 0.00%) 3009 ( 0.00%) 100.30
cuseeme 5 ( 0.00%) 453 ( 0.00%) 90.60
other 7101287 ( 22.56%) 4079389724 ( 19.04%) 574.46
icmp 811861 ( 2.58%) 124602838 ( 0.58%) 153.48
ipip 362 ( 0.00%) 44232 ( 0.00%) 122.19
ipsec 4424 ( 0.01%) 1426060 ( 0.01%) 322.35
ip6 2645107 ( 8.40%) 1400925621 ( 6.54%) 529.63
other 46286 ( 0.15%) 41338333 ( 0.19%) 893.11
frag 1970 ( 0.01%) 1985952 ( 0.01%) 1008.10
ip6 58178 ( 0.18%) 10707129 ( 0.05%) 184.04
tcp6 17399 ( 0.06%) 3120404 ( 0.01%) 179.34
http(s) 14 ( 0.00%) 5752 ( 0.00%) 410.86
http(c) 5591 ( 0.02%) 488397 ( 0.00%) 87.35
smtp 1224 ( 0.00%) 1587300 ( 0.01%) 1296.81
ftp 2565 ( 0.01%) 268587 ( 0.00%) 104.71
imap 107 ( 0.00%) 15024 ( 0.00%) 140.41
ssh 3224 ( 0.01%) 267328 ( 0.00%) 82.92
dns 119 ( 0.00%) 32185 ( 0.00%) 270.46
bgp 113 ( 0.00%) 16588 ( 0.00%) 146.80
other 4442 ( 0.01%) 439243 ( 0.00%) 98.88
udp6 33444 ( 0.11%) 6648408 ( 0.03%) 198.79
dns 32893 ( 0.10%) 6547240 ( 0.03%) 199.05
other 551 ( 0.00%) 101168 ( 0.00%) 183.61
icmp6 7239 ( 0.02%) 877970 ( 0.00%) 121.28
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 66 ( 0.00%) 56267 ( 0.00%) 852.53
tcpdump file: 201004130400.dump.gz (819.61 MB)