Traffic Trace Info
DumpFile: 201004130630.dump
FileSize: 1932.52MB
Id: 201004130630
StartTime: Tue Apr 13 06:30:01 2010
EndTime: Tue Apr 13 06:45:00 2010
TotalTime: 899.52 seconds
TotalCapSize: 1512.05MB CapLen: 96 bytes
# of packets: 27553694 (17050.39MB)
AvgRate: 159.01Mbps stddev:16.22M
IP flow (unique src/dst pair) Information
# of flows: 980792 (avg. 28.09 pkts/flow)
Top 10 big flow size (bytes/total in %):
3.9% 2.8% 1.9% 1.0% 1.0% 1.0% 0.9% 0.8% 0.6% 0.5%
IP address Information
# of IPv4 addresses: 565470
Top 10 bandwidth usage (bytes/total in %):
24.9% 9.6% 5.5% 4.8% 4.4% 4.3% 3.9% 3.9% 3.2% 3.1%
# of IPv6 addresses: 858
Top 10 bandwidth usage (bytes/total in %):
30.4% 7.3% 6.8% 6.5% 6.5% 6.3% 4.6% 3.5% 3.3% 3.2%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130630.pktlen.png)
detailed numbers
[ 32- 63]: 3871980
[ 64- 127]: 7757202
[ 128- 255]: 2543438
[ 256- 511]: 1824656
[ 512- 1023]: 799175
[ 1024- 2047]: 10757243
Protocol Breakdown
![[protocol breakdown chart]](201004130630.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27553694 (100.00%) 17878624849 (100.00%) 648.86
ip 27503872 ( 99.82%) 17871422251 ( 99.96%) 649.78
tcp 15325909 ( 55.62%) 11258700564 ( 62.97%) 734.62
http(s) 6269750 ( 22.75%) 8596212385 ( 48.08%) 1371.06
http(c) 3245236 ( 11.78%) 327624539 ( 1.83%) 100.96
squid 261047 ( 0.95%) 90964860 ( 0.51%) 348.46
smtp 306350 ( 1.11%) 65646717 ( 0.37%) 214.29
ftp 9538 ( 0.03%) 1020409 ( 0.01%) 106.98
pop3 14189 ( 0.05%) 12572943 ( 0.07%) 886.10
imap 2166 ( 0.01%) 996546 ( 0.01%) 460.09
telnet 4893 ( 0.02%) 3086791 ( 0.02%) 630.86
ssh 1832995 ( 6.65%) 238716886 ( 1.34%) 130.23
dns 57076 ( 0.21%) 3934668 ( 0.02%) 68.94
bgp 129 ( 0.00%) 36116 ( 0.00%) 279.97
napster 57 ( 0.00%) 7800 ( 0.00%) 136.84
realaud 22 ( 0.00%) 1878 ( 0.00%) 85.36
rtsp 66 ( 0.00%) 4668 ( 0.00%) 70.73
icecast 287 ( 0.00%) 17908 ( 0.00%) 62.40
hotline 4 ( 0.00%) 248 ( 0.00%) 62.00
other 3322099 ( 12.06%) 1917854902 ( 10.73%) 577.30
udp 8243323 ( 29.92%) 4760994080 ( 26.63%) 577.56
dns 592379 ( 2.15%) 104114590 ( 0.58%) 175.76
realaud 24 ( 0.00%) 2798 ( 0.00%) 116.58
halflif 138 ( 0.00%) 16451 ( 0.00%) 119.21
starcra 266 ( 0.00%) 34600 ( 0.00%) 130.08
everque 432 ( 0.00%) 82917 ( 0.00%) 191.94
unreal 84 ( 0.00%) 15360 ( 0.00%) 182.86
quake 34 ( 0.00%) 2708 ( 0.00%) 79.65
cuseeme 7 ( 0.00%) 1258 ( 0.00%) 179.71
other 7649634 ( 27.76%) 4656575441 ( 26.05%) 608.73
icmp 762104 ( 2.77%) 119292554 ( 0.67%) 156.53
ipip 360 ( 0.00%) 45102 ( 0.00%) 125.28
ipsec 9791 ( 0.04%) 5192958 ( 0.03%) 530.38
ip6 3150197 ( 11.43%) 1725500672 ( 9.65%) 547.74
other 12188 ( 0.04%) 1696321 ( 0.01%) 139.18
frag 2266 ( 0.01%) 2263921 ( 0.01%) 999.08
ip6 49820 ( 0.18%) 7202478 ( 0.04%) 144.57
tcp6 17489 ( 0.06%) 1639034 ( 0.01%) 93.72
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 7693 ( 0.03%) 642390 ( 0.00%) 83.50
smtp 130 ( 0.00%) 38801 ( 0.00%) 298.47
ftp 2308 ( 0.01%) 233153 ( 0.00%) 101.02
imap 236 ( 0.00%) 28819 ( 0.00%) 122.11
ssh 2801 ( 0.01%) 232266 ( 0.00%) 82.92
dns 135 ( 0.00%) 30067 ( 0.00%) 222.72
bgp 116 ( 0.00%) 15147 ( 0.00%) 130.58
other 4042 ( 0.01%) 402483 ( 0.00%) 99.58
udp6 23789 ( 0.09%) 4546889 ( 0.03%) 191.13
dns 23442 ( 0.09%) 4479979 ( 0.03%) 191.11
other 347 ( 0.00%) 66910 ( 0.00%) 192.82
icmp6 8453 ( 0.03%) 962089 ( 0.01%) 113.82
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 59 ( 0.00%) 50386 ( 0.00%) 854.00
tcpdump file: 201004130630.dump.gz (706.23 MB)