Traffic Trace Info
DumpFile: 201004130430.dump
FileSize: 1942.31MB
Id: 201004130430
StartTime: Tue Apr 13 04:30:01 2010
EndTime: Tue Apr 13 04:45:00 2010
TotalTime: 899.76 seconds
TotalCapSize: 1518.55MB CapLen: 96 bytes
# of packets: 27770929 (17632.63MB)
AvgRate: 164.41Mbps stddev:12.81M
IP flow (unique src/dst pair) Information
# of flows: 1366487 (avg. 20.32 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.8% 1.0% 0.8% 0.7% 0.7% 0.6% 0.6% 0.5% 0.5% 0.5%
IP address Information
# of IPv4 addresses: 832931
Top 10 bandwidth usage (bytes/total in %):
22.0% 8.0% 7.6% 6.8% 6.6% 6.1% 3.8% 3.5% 3.1% 2.7%
# of IPv6 addresses: 935
Top 10 bandwidth usage (bytes/total in %):
29.2% 8.0% 7.9% 7.2% 6.8% 6.7% 4.8% 3.2% 3.1% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130430.pktlen.png)
detailed numbers
[ 32- 63]: 4582785
[ 64- 127]: 7580070
[ 128- 255]: 2066526
[ 256- 511]: 1558089
[ 512- 1023]: 689892
[ 1024- 2047]: 11293567
Protocol Breakdown
![[protocol breakdown chart]](201004130430.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27770929 (100.00%) 18489150355 (100.00%) 665.77
ip 27720972 ( 99.82%) 18481630946 ( 99.96%) 666.70
tcp 16450212 ( 59.24%) 12299183135 ( 66.52%) 747.66
http(s) 7183944 ( 25.87%) 9956645896 ( 53.85%) 1385.96
http(c) 4015125 ( 14.46%) 396268542 ( 2.14%) 98.69
squid 338213 ( 1.22%) 144448216 ( 0.78%) 427.09
smtp 467144 ( 1.68%) 176364348 ( 0.95%) 377.54
ftp 16405 ( 0.06%) 1490115 ( 0.01%) 90.83
pop3 10336 ( 0.04%) 8606307 ( 0.05%) 832.65
imap 1341 ( 0.00%) 717180 ( 0.00%) 534.81
telnet 1624 ( 0.01%) 140121 ( 0.00%) 86.28
ssh 1160372 ( 4.18%) 148817983 ( 0.80%) 128.25
dns 58672 ( 0.21%) 3988124 ( 0.02%) 67.97
bgp 154 ( 0.00%) 49914 ( 0.00%) 324.12
napster 28 ( 0.00%) 5212 ( 0.00%) 186.14
realaud 25 ( 0.00%) 1993 ( 0.00%) 79.72
rtsp 68 ( 0.00%) 4812 ( 0.00%) 70.76
icecast 298 ( 0.00%) 18878 ( 0.00%) 63.35
hotline 12 ( 0.00%) 2939 ( 0.00%) 244.92
other 3196450 ( 11.51%) 1461612495 ( 7.91%) 457.26
udp 7641206 ( 27.52%) 4523608860 ( 24.47%) 592.00
dns 684388 ( 2.46%) 119720191 ( 0.65%) 174.93
realaud 62 ( 0.00%) 6918 ( 0.00%) 111.58
halflif 170 ( 0.00%) 21454 ( 0.00%) 126.20
starcra 285 ( 0.00%) 36522 ( 0.00%) 128.15
everque 416 ( 0.00%) 79212 ( 0.00%) 190.41
unreal 49 ( 0.00%) 6881 ( 0.00%) 140.43
quake 39 ( 0.00%) 3574 ( 0.00%) 91.64
cuseeme 1 ( 0.00%) 92 ( 0.00%) 92.00
other 6955484 ( 25.05%) 4403575152 ( 23.82%) 633.11
icmp 856929 ( 3.09%) 127023616 ( 0.69%) 148.23
ipip 353 ( 0.00%) 40586 ( 0.00%) 114.97
ipsec 2465 ( 0.01%) 848206 ( 0.00%) 344.10
ip6 2728269 ( 9.82%) 1489280448 ( 8.05%) 545.87
other 41538 ( 0.15%) 41646095 ( 0.23%) 1002.60
frag 2015 ( 0.01%) 2084610 ( 0.01%) 1034.55
ip6 49957 ( 0.18%) 7519409 ( 0.04%) 150.52
tcp6 16204 ( 0.06%) 1669887 ( 0.01%) 103.05
http(s) 46 ( 0.00%) 31704 ( 0.00%) 689.22
http(c) 5645 ( 0.02%) 518188 ( 0.00%) 91.80
smtp 205 ( 0.00%) 86298 ( 0.00%) 420.97
ftp 2722 ( 0.01%) 299602 ( 0.00%) 110.07
imap 131 ( 0.00%) 19096 ( 0.00%) 145.77
ssh 3231 ( 0.01%) 267886 ( 0.00%) 82.91
dns 77 ( 0.00%) 20165 ( 0.00%) 261.88
bgp 108 ( 0.00%) 14591 ( 0.00%) 135.10
other 4039 ( 0.01%) 412357 ( 0.00%) 102.09
udp6 26627 ( 0.10%) 4952496 ( 0.03%) 186.00
dns 26141 ( 0.09%) 4867481 ( 0.03%) 186.20
unreal 1 ( 0.00%) 118 ( 0.00%) 118.00
other 485 ( 0.00%) 84897 ( 0.00%) 175.05
icmp6 7047 ( 0.03%) 843407 ( 0.00%) 119.68
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 49 ( 0.00%) 49539 ( 0.00%) 1011.00
tcpdump file: 201004130430.dump.gz (728.05 MB)