Traffic Trace Info
DumpFile: 201004130500.dump
FileSize: 1962.66MB
Id: 201004130500
StartTime: Tue Apr 13 05:00:01 2010
EndTime: Tue Apr 13 05:15:01 2010
TotalTime: 900.11 seconds
TotalCapSize: 1536.92MB CapLen: 96 bytes
# of packets: 27899002 (17030.98MB)
AvgRate: 158.72Mbps stddev:12.11M
IP flow (unique src/dst pair) Information
# of flows: 1186133 (avg. 23.52 pkts/flow)
Top 10 big flow size (bytes/total in %):
0.9% 0.9% 0.9% 0.8% 0.7% 0.7% 0.6% 0.6% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 663745
Top 10 bandwidth usage (bytes/total in %):
21.0% 8.6% 8.5% 7.2% 6.5% 6.4% 3.2% 3.1% 2.8% 2.5%
# of IPv6 addresses: 969
Top 10 bandwidth usage (bytes/total in %):
27.8% 7.7% 7.5% 6.3% 6.2% 5.7% 4.4% 4.0% 3.7% 3.6%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130500.pktlen.png)
detailed numbers
[ 32- 63]: 4480114
[ 64- 127]: 7942583
[ 128- 255]: 2339076
[ 256- 511]: 1644379
[ 512- 1023]: 763038
[ 1024- 2047]: 10729812
Protocol Breakdown
![[protocol breakdown chart]](201004130500.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27899002 (100.00%) 17858281230 (100.00%) 640.10
ip 27846940 ( 99.81%) 17850397557 ( 99.96%) 641.02
tcp 16834257 ( 60.34%) 12087801609 ( 67.69%) 718.05
http(s) 6993462 ( 25.07%) 9646011330 ( 54.01%) 1379.29
http(c) 3926925 ( 14.08%) 389244032 ( 2.18%) 99.12
squid 271644 ( 0.97%) 98275285 ( 0.55%) 361.78
smtp 513212 ( 1.84%) 84860147 ( 0.48%) 165.35
nntp 9 ( 0.00%) 558 ( 0.00%) 62.00
ftp 10901 ( 0.04%) 1150886 ( 0.01%) 105.58
pop3 6901 ( 0.02%) 4739253 ( 0.03%) 686.75
imap 1475 ( 0.01%) 828318 ( 0.00%) 561.57
telnet 1407 ( 0.01%) 125149 ( 0.00%) 88.95
ssh 1694178 ( 6.07%) 210359104 ( 1.18%) 124.17
dns 57601 ( 0.21%) 3931318 ( 0.02%) 68.25
bgp 148 ( 0.00%) 46444 ( 0.00%) 313.81
napster 21 ( 0.00%) 2885 ( 0.00%) 137.38
realaud 13 ( 0.00%) 2293 ( 0.00%) 176.38
rtsp 219295 ( 0.79%) 172586265 ( 0.97%) 787.01
icecast 375 ( 0.00%) 23592 ( 0.00%) 62.91
hotline 3 ( 0.00%) 186 ( 0.00%) 62.00
other 3136685 ( 11.24%) 1475614426 ( 8.26%) 470.44
udp 7393756 ( 26.50%) 4056135282 ( 22.71%) 548.59
dns 703836 ( 2.52%) 120732204 ( 0.68%) 171.53
realaud 52 ( 0.00%) 5857 ( 0.00%) 112.63
halflif 157 ( 0.00%) 18312 ( 0.00%) 116.64
starcra 354 ( 0.00%) 43292 ( 0.00%) 122.29
everque 398 ( 0.00%) 74107 ( 0.00%) 186.20
unreal 100 ( 0.00%) 11693 ( 0.00%) 116.93
quake 36 ( 0.00%) 3245 ( 0.00%) 90.14
cuseeme 6 ( 0.00%) 965 ( 0.00%) 160.83
other 6688559 ( 23.97%) 3935113478 ( 22.04%) 588.34
icmp 769861 ( 2.76%) 120158270 ( 0.67%) 156.08
ipip 374 ( 0.00%) 45110 ( 0.00%) 120.61
ipsec 4527 ( 0.02%) 1847314 ( 0.01%) 408.07
ip6 2804947 ( 10.05%) 1541524666 ( 8.63%) 549.57
other 39218 ( 0.14%) 42885306 ( 0.24%) 1093.51
frag 1620 ( 0.01%) 1613368 ( 0.01%) 995.91
ip6 52062 ( 0.19%) 7883673 ( 0.04%) 151.43
tcp6 18037 ( 0.06%) 1737060 ( 0.01%) 96.31
http(s) 36 ( 0.00%) 17029 ( 0.00%) 473.03
http(c) 7961 ( 0.03%) 672177 ( 0.00%) 84.43
smtp 127 ( 0.00%) 59721 ( 0.00%) 470.24
ftp 2711 ( 0.01%) 294809 ( 0.00%) 108.75
imap 131 ( 0.00%) 17196 ( 0.00%) 131.27
ssh 3220 ( 0.01%) 266984 ( 0.00%) 82.91
dns 116 ( 0.00%) 31452 ( 0.00%) 271.14
bgp 132 ( 0.00%) 19696 ( 0.00%) 149.21
other 3603 ( 0.01%) 357996 ( 0.00%) 99.36
udp6 26901 ( 0.10%) 5225393 ( 0.03%) 194.25
dns 26461 ( 0.09%) 5143404 ( 0.03%) 194.38
other 440 ( 0.00%) 81989 ( 0.00%) 186.34
icmp6 7037 ( 0.03%) 861786 ( 0.00%) 122.46
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 56 ( 0.00%) 55218 ( 0.00%) 986.04
tcpdump file: 201004130500.dump.gz (735.59 MB)