Traffic Trace Info
DumpFile: 201004130530.dump
FileSize: 1886.75MB
Id: 201004130530
StartTime: Tue Apr 13 05:30:01 2010
EndTime: Tue Apr 13 05:45:00 2010
TotalTime: 899.62 seconds
TotalCapSize: 1476.12MB CapLen: 96 bytes
# of packets: 26908823 (16688.74MB)
AvgRate: 155.61Mbps stddev:12.22M
IP flow (unique src/dst pair) Information
# of flows: 1088502 (avg. 24.72 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.3% 1.2% 1.1% 1.0% 0.9% 0.8% 0.8% 0.6% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 607212
Top 10 bandwidth usage (bytes/total in %):
21.2% 8.7% 8.4% 7.0% 6.8% 6.6% 4.1% 3.3% 3.3% 2.8%
# of IPv6 addresses: 894
Top 10 bandwidth usage (bytes/total in %):
29.3% 7.9% 7.8% 7.3% 6.6% 6.4% 4.2% 3.8% 3.5% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130530.pktlen.png)
detailed numbers
[ 32- 63]: 4188865
[ 64- 127]: 7520505
[ 128- 255]: 2254309
[ 256- 511]: 1724381
[ 512- 1023]: 666376
[ 1024- 2047]: 10554387
Protocol Breakdown
![[protocol breakdown chart]](201004130530.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26908823 (100.00%) 17499408232 (100.00%) 650.32
ip 26859909 ( 99.82%) 17491925982 ( 99.96%) 651.23
tcp 15844615 ( 58.88%) 11748044105 ( 67.13%) 741.45
http(s) 7060565 ( 26.24%) 9755011556 ( 55.74%) 1381.62
http(c) 3690723 ( 13.72%) 354871933 ( 2.03%) 96.15
squid 300361 ( 1.12%) 114765976 ( 0.66%) 382.09
smtp 401762 ( 1.49%) 78506139 ( 0.45%) 195.40
nntp 548 ( 0.00%) 32880 ( 0.00%) 60.00
ftp 10437 ( 0.04%) 1188083 ( 0.01%) 113.83
pop3 7421 ( 0.03%) 5204991 ( 0.03%) 701.39
imap 1580 ( 0.01%) 880779 ( 0.01%) 557.46
telnet 2725 ( 0.01%) 209845 ( 0.00%) 77.01
ssh 1445152 ( 5.37%) 180131584 ( 1.03%) 124.65
dns 56241 ( 0.21%) 3838656 ( 0.02%) 68.25
bgp 142 ( 0.00%) 47760 ( 0.00%) 336.34
realaud 10 ( 0.00%) 1024 ( 0.00%) 102.40
rtsp 64 ( 0.00%) 4552 ( 0.00%) 71.12
icecast 402 ( 0.00%) 24870 ( 0.00%) 61.87
hotline 1 ( 0.00%) 60 ( 0.00%) 60.00
other 2866480 ( 10.65%) 1253323357 ( 7.16%) 437.23
udp 7339043 ( 27.27%) 4030864047 ( 23.03%) 549.24
dns 640213 ( 2.38%) 112074707 ( 0.64%) 175.06
realaud 65 ( 0.00%) 6009 ( 0.00%) 92.45
halflif 114 ( 0.00%) 15850 ( 0.00%) 139.04
starcra 324 ( 0.00%) 40687 ( 0.00%) 125.58
everque 392 ( 0.00%) 71736 ( 0.00%) 183.00
unreal 62 ( 0.00%) 8495 ( 0.00%) 137.02
quake 36 ( 0.00%) 3080 ( 0.00%) 85.56
cuseeme 4 ( 0.00%) 662 ( 0.00%) 165.50
other 6697549 ( 24.89%) 3918483396 ( 22.39%) 585.06
icmp 874118 ( 3.25%) 128045686 ( 0.73%) 146.49
ipip 382 ( 0.00%) 47334 ( 0.00%) 123.91
ipsec 1424 ( 0.01%) 475160 ( 0.00%) 333.68
ip6 2714587 ( 10.09%) 1476757584 ( 8.44%) 544.01
other 85740 ( 0.32%) 107692066 ( 0.62%) 1256.03
frag 1802 ( 0.01%) 1834224 ( 0.01%) 1017.88
ip6 48914 ( 0.18%) 7482250 ( 0.04%) 152.97
tcp6 16563 ( 0.06%) 1628921 ( 0.01%) 98.35
http(s) 34 ( 0.00%) 16530 ( 0.00%) 486.18
http(c) 5599 ( 0.02%) 497372 ( 0.00%) 88.83
smtp 219 ( 0.00%) 46624 ( 0.00%) 212.89
ftp 2596 ( 0.01%) 264117 ( 0.00%) 101.74
imap 309 ( 0.00%) 36629 ( 0.00%) 118.54
ssh 3220 ( 0.01%) 266972 ( 0.00%) 82.91
dns 219 ( 0.00%) 56940 ( 0.00%) 260.00
bgp 104 ( 0.00%) 13049 ( 0.00%) 125.47
other 4263 ( 0.02%) 430688 ( 0.00%) 101.03
udp6 25249 ( 0.09%) 4952666 ( 0.03%) 196.15
dns 24743 ( 0.09%) 4864077 ( 0.03%) 196.58
other 506 ( 0.00%) 88589 ( 0.00%) 175.08
icmp6 7011 ( 0.03%) 841754 ( 0.00%) 120.06
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 61 ( 0.00%) 54829 ( 0.00%) 898.84
tcpdump file: 201004130530.dump.gz (705.97 MB)