Traffic Trace Info
DumpFile: 201004130645.dump
FileSize: 1919.11MB
Id: 201004130645
StartTime: Tue Apr 13 06:45:00 2010
EndTime: Tue Apr 13 07:00:01 2010
TotalTime: 900.46 seconds
TotalCapSize: 1503.35MB CapLen: 96 bytes
# of packets: 27246260 (16638.95MB)
AvgRate: 155.00Mbps stddev:10.97M
IP flow (unique src/dst pair) Information
# of flows: 908506 (avg. 29.99 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 1.3% 1.3% 1.2% 1.1% 0.9% 0.7% 0.7% 0.7% 0.6%
IP address Information
# of IPv4 addresses: 510802
Top 10 bandwidth usage (bytes/total in %):
23.8% 10.5% 6.9% 5.9% 5.3% 4.6% 3.4% 3.2% 2.8% 2.8%
# of IPv6 addresses: 876
Top 10 bandwidth usage (bytes/total in %):
33.3% 8.5% 7.8% 7.3% 6.3% 6.2% 3.5% 3.5% 3.2% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130645.pktlen.png)
detailed numbers
[ 32- 63]: 3885085
[ 64- 127]: 7882521
[ 128- 255]: 2454471
[ 256- 511]: 1711076
[ 512- 1023]: 822595
[ 1024- 2047]: 10490512
Protocol Breakdown
![[protocol breakdown chart]](201004130645.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27246260 (100.00%) 17447199596 (100.00%) 640.35
ip 27202445 ( 99.84%) 17440607985 ( 99.96%) 641.14
tcp 15679885 ( 57.55%) 11017160235 ( 63.15%) 702.63
http(s) 6466272 ( 23.73%) 8894805541 ( 50.98%) 1375.57
http(c) 3419992 ( 12.55%) 349670611 ( 2.00%) 102.24
squid 249386 ( 0.92%) 72730212 ( 0.42%) 291.64
smtp 347201 ( 1.27%) 94771326 ( 0.54%) 272.96
ftp 9065 ( 0.03%) 1114607 ( 0.01%) 122.96
pop3 6446 ( 0.02%) 4431309 ( 0.03%) 687.45
imap 2116 ( 0.01%) 1251114 ( 0.01%) 591.26
telnet 1597 ( 0.01%) 163135 ( 0.00%) 102.15
ssh 2500805 ( 9.18%) 329407119 ( 1.89%) 131.72
dns 58328 ( 0.21%) 3966506 ( 0.02%) 68.00
bgp 129 ( 0.00%) 35871 ( 0.00%) 278.07
napster 33 ( 0.00%) 3109 ( 0.00%) 94.21
realaud 12 ( 0.00%) 1509 ( 0.00%) 125.75
rtsp 72 ( 0.00%) 5040 ( 0.00%) 70.00
icecast 262 ( 0.00%) 16404 ( 0.00%) 62.61
hotline 7 ( 0.00%) 434 ( 0.00%) 62.00
other 2618162 ( 9.61%) 1264786388 ( 7.25%) 483.08
udp 7702585 ( 28.27%) 4466325317 ( 25.60%) 579.85
dns 568441 ( 2.09%) 100548297 ( 0.58%) 176.88
realaud 19 ( 0.00%) 2911 ( 0.00%) 153.21
halflif 131 ( 0.00%) 15463 ( 0.00%) 118.04
starcra 295 ( 0.00%) 37362 ( 0.00%) 126.65
everque 341 ( 0.00%) 61153 ( 0.00%) 179.33
unreal 82 ( 0.00%) 12680 ( 0.00%) 154.63
quake 29 ( 0.00%) 2952 ( 0.00%) 101.79
cuseeme 8 ( 0.00%) 1127 ( 0.00%) 140.88
other 7132824 ( 26.18%) 4365456021 ( 25.02%) 612.02
icmp 722239 ( 2.65%) 118521471 ( 0.68%) 164.10
ipip 311 ( 0.00%) 38174 ( 0.00%) 122.75
ipsec 5878 ( 0.02%) 2655292 ( 0.02%) 451.73
ip6 3078899 ( 11.30%) 1834125864 ( 10.51%) 595.71
other 12648 ( 0.05%) 1781632 ( 0.01%) 140.86
frag 2352 ( 0.01%) 2389839 ( 0.01%) 1016.09
ip6 43815 ( 0.16%) 6591611 ( 0.04%) 150.44
tcp6 13871 ( 0.05%) 1319773 ( 0.01%) 95.15
http(s) 28 ( 0.00%) 15908 ( 0.00%) 568.14
http(c) 4820 ( 0.02%) 430167 ( 0.00%) 89.25
smtp 80 ( 0.00%) 25574 ( 0.00%) 319.68
ftp 2153 ( 0.01%) 217660 ( 0.00%) 101.10
imap 158 ( 0.00%) 18682 ( 0.00%) 118.24
ssh 3033 ( 0.01%) 251882 ( 0.00%) 83.05
dns 86 ( 0.00%) 21643 ( 0.00%) 251.66
bgp 97 ( 0.00%) 11766 ( 0.00%) 121.30
other 3416 ( 0.01%) 326491 ( 0.00%) 95.58
udp6 23495 ( 0.09%) 4461131 ( 0.03%) 189.88
dns 23217 ( 0.09%) 4407704 ( 0.03%) 189.85
quake 1 ( 0.00%) 118 ( 0.00%) 118.00
other 277 ( 0.00%) 53309 ( 0.00%) 192.45
icmp6 6368 ( 0.02%) 763151 ( 0.00%) 119.84
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 51 ( 0.00%) 43476 ( 0.00%) 852.47
tcpdump file: 201004130645.dump.gz (710.81 MB)