Traffic Trace Info
DumpFile: 201004130515.dump
FileSize: 1921.31MB
Id: 201004130515
StartTime: Tue Apr 13 05:15:01 2010
EndTime: Tue Apr 13 05:30:01 2010
TotalTime: 899.56 seconds
TotalCapSize: 1503.34MB CapLen: 96 bytes
# of packets: 27391389 (16975.09MB)
AvgRate: 158.30Mbps stddev:12.58M
IP flow (unique src/dst pair) Information
# of flows: 1030121 (avg. 26.59 pkts/flow)
Top 10 big flow size (bytes/total in %):
1.5% 1.0% 1.0% 0.9% 0.9% 0.8% 0.7% 0.7% 0.7% 0.7%
IP address Information
# of IPv4 addresses: 571647
Top 10 bandwidth usage (bytes/total in %):
21.7% 8.7% 8.3% 7.2% 6.9% 6.7% 3.2% 2.8% 2.3% 2.0%
# of IPv6 addresses: 925
Top 10 bandwidth usage (bytes/total in %):
27.8% 7.5% 7.3% 6.9% 6.3% 6.0% 5.7% 3.5% 3.4% 3.4%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130515.pktlen.png)
detailed numbers
[ 32- 63]: 4209535
[ 64- 127]: 7747891
[ 128- 255]: 2367766
[ 256- 511]: 1621852
[ 512- 1023]: 699421
[ 1024- 2047]: 10744924
Protocol Breakdown
![[protocol breakdown chart]](201004130515.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27391389 (100.00%) 17799669514 (100.00%) 649.83
ip 27342382 ( 99.82%) 17791784102 ( 99.96%) 650.70
tcp 16267283 ( 59.39%) 11945892245 ( 67.11%) 734.35
http(s) 7031137 ( 25.67%) 9697043239 ( 54.48%) 1379.16
http(c) 3841571 ( 14.02%) 380140142 ( 2.14%) 98.95
squid 292682 ( 1.07%) 104936426 ( 0.59%) 358.53
smtp 362726 ( 1.32%) 61659938 ( 0.35%) 169.99
nntp 4 ( 0.00%) 240 ( 0.00%) 60.00
ftp 10007 ( 0.04%) 936365 ( 0.01%) 93.57
pop3 5685 ( 0.02%) 3419629 ( 0.02%) 601.52
imap 1235 ( 0.00%) 521569 ( 0.00%) 422.32
telnet 1595 ( 0.01%) 127933 ( 0.00%) 80.21
ssh 1481861 ( 5.41%) 188092246 ( 1.06%) 126.93
dns 60464 ( 0.22%) 4130245 ( 0.02%) 68.31
bgp 141 ( 0.00%) 40435 ( 0.00%) 286.77
napster 16 ( 0.00%) 1012 ( 0.00%) 63.25
realaud 14 ( 0.00%) 1264 ( 0.00%) 90.29
rtsp 159670 ( 0.58%) 125871193 ( 0.71%) 788.32
icecast 4497 ( 0.02%) 288948 ( 0.00%) 64.25
hotline 6 ( 0.00%) 366 ( 0.00%) 61.00
other 3013971 ( 11.00%) 1378680995 ( 7.75%) 457.43
udp 7471467 ( 27.28%) 4135590033 ( 23.23%) 553.52
dns 693511 ( 2.53%) 119508724 ( 0.67%) 172.32
realaud 43 ( 0.00%) 4363 ( 0.00%) 101.47
halflif 120 ( 0.00%) 17420 ( 0.00%) 145.17
starcra 373 ( 0.00%) 49231 ( 0.00%) 131.99
everque 373 ( 0.00%) 77840 ( 0.00%) 208.69
unreal 82 ( 0.00%) 9586 ( 0.00%) 116.90
quake 42 ( 0.00%) 4363 ( 0.00%) 103.88
cuseeme 6 ( 0.00%) 841 ( 0.00%) 140.17
other 6776656 ( 24.74%) 4015756678 ( 22.56%) 592.59
icmp 800609 ( 2.92%) 122334872 ( 0.69%) 152.80
ipip 307 ( 0.00%) 36458 ( 0.00%) 118.76
ipsec 1515 ( 0.01%) 507490 ( 0.00%) 334.98
ip6 2717502 ( 9.92%) 1485081147 ( 8.34%) 546.49
other 83699 ( 0.31%) 102341857 ( 0.57%) 1222.74
frag 1809 ( 0.01%) 1867876 ( 0.01%) 1032.55
ip6 49007 ( 0.18%) 7885412 ( 0.04%) 160.90
tcp6 17058 ( 0.06%) 2228856 ( 0.01%) 130.66
http(s) 352 ( 0.00%) 477293 ( 0.00%) 1355.95
http(c) 6301 ( 0.02%) 567504 ( 0.00%) 90.07
smtp 444 ( 0.00%) 184202 ( 0.00%) 414.87
ftp 2680 ( 0.01%) 286347 ( 0.00%) 106.85
imap 107 ( 0.00%) 16306 ( 0.00%) 152.39
ssh 3230 ( 0.01%) 268152 ( 0.00%) 83.02
dns 119 ( 0.00%) 32752 ( 0.00%) 275.23
bgp 109 ( 0.00%) 13949 ( 0.00%) 127.97
other 3716 ( 0.01%) 382351 ( 0.00%) 102.89
udp6 25085 ( 0.09%) 4773764 ( 0.03%) 190.30
dns 24555 ( 0.09%) 4684375 ( 0.03%) 190.77
other 530 ( 0.00%) 89389 ( 0.00%) 168.66
icmp6 6794 ( 0.02%) 841114 ( 0.00%) 123.80
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 40 ( 0.00%) 37598 ( 0.00%) 939.95
tcpdump file: 201004130515.dump.gz (721.69 MB)