Traffic Trace Info
DumpFile: 201004130730.dump
FileSize: 1853.45MB
Id: 201004130730
StartTime: Tue Apr 13 07:30:01 2010
EndTime: Tue Apr 13 07:45:00 2010
TotalTime: 899.46 seconds
TotalCapSize: 1452.35MB CapLen: 96 bytes
# of packets: 26284868 (15782.80MB)
AvgRate: 147.19Mbps stddev:20.32M
IP flow (unique src/dst pair) Information
# of flows: 788571 (avg. 33.33 pkts/flow)
Top 10 big flow size (bytes/total in %):
6.6% 2.0% 1.6% 1.3% 1.2% 1.1% 1.0% 0.9% 0.8% 0.7%
IP address Information
# of IPv4 addresses: 446194
Top 10 bandwidth usage (bytes/total in %):
23.0% 12.0% 8.4% 6.6% 4.5% 4.3% 3.6% 3.3% 3.2% 2.1%
# of IPv6 addresses: 885
Top 10 bandwidth usage (bytes/total in %):
33.0% 9.0% 7.2% 6.1% 5.2% 5.0% 3.5% 3.5% 3.4% 2.8%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130730.pktlen.png)
detailed numbers
[ 32- 63]: 3420774
[ 64- 127]: 7598905
[ 128- 255]: 2811726
[ 256- 511]: 1836195
[ 512- 1023]: 737832
[ 1024- 2047]: 9879436
Protocol Breakdown
![[protocol breakdown chart]](201004130730.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26284868 (100.00%) 16549467750 (100.00%) 629.62
ip 26240884 ( 99.83%) 16542826634 ( 99.96%) 630.42
tcp 13600309 ( 51.74%) 10136694095 ( 61.25%) 745.33
http(s) 5272494 ( 20.06%) 7243144879 ( 43.77%) 1373.76
http(c) 3033780 ( 11.54%) 376194545 ( 2.27%) 124.00
squid 307664 ( 1.17%) 91783673 ( 0.55%) 298.32
smtp 273531 ( 1.04%) 75705828 ( 0.46%) 276.77
ftp 10434 ( 0.04%) 1009215 ( 0.01%) 96.72
pop3 8877 ( 0.03%) 7145594 ( 0.04%) 804.96
imap 1622 ( 0.01%) 828894 ( 0.01%) 511.03
telnet 812 ( 0.00%) 88914 ( 0.00%) 109.50
ssh 1393645 ( 5.30%) 179322413 ( 1.08%) 128.67
dns 57776 ( 0.22%) 4007888 ( 0.02%) 69.37
bgp 256 ( 0.00%) 139756 ( 0.00%) 545.92
napster 496 ( 0.00%) 313736 ( 0.00%) 632.53
realaud 11 ( 0.00%) 1086 ( 0.00%) 98.73
rtsp 66 ( 0.00%) 4668 ( 0.00%) 70.73
icecast 314 ( 0.00%) 19658 ( 0.00%) 62.61
hotline 6 ( 0.00%) 782 ( 0.00%) 130.33
other 3238524 ( 12.32%) 2156982506 ( 13.03%) 666.04
udp 8168006 ( 31.07%) 4253042651 ( 25.70%) 520.70
dns 585285 ( 2.23%) 106751451 ( 0.65%) 182.39
realaud 40 ( 0.00%) 3916 ( 0.00%) 97.90
halflif 100 ( 0.00%) 15549 ( 0.00%) 155.49
starcra 303 ( 0.00%) 39291 ( 0.00%) 129.67
everque 357 ( 0.00%) 62855 ( 0.00%) 176.06
unreal 60 ( 0.00%) 9875 ( 0.00%) 164.58
quake 15 ( 0.00%) 1583 ( 0.00%) 105.53
cuseeme 4 ( 0.00%) 365 ( 0.00%) 91.25
other 7581492 ( 28.84%) 4145997278 ( 25.05%) 546.86
icmp 964999 ( 3.67%) 137294156 ( 0.83%) 142.27
ipip 349 ( 0.00%) 40620 ( 0.00%) 116.39
ipsec 8548 ( 0.03%) 4609248 ( 0.03%) 539.22
ip6 3341755 ( 12.71%) 1994676948 ( 12.05%) 596.90
other 156918 ( 0.60%) 16468916 ( 0.10%) 104.95
frag 1842 ( 0.01%) 1884491 ( 0.01%) 1023.07
ip6 43984 ( 0.17%) 6641116 ( 0.04%) 150.99
tcp6 14601 ( 0.06%) 1544541 ( 0.01%) 105.78
http(s) 45 ( 0.00%) 19268 ( 0.00%) 428.18
http(c) 5707 ( 0.02%) 524747 ( 0.00%) 91.95
smtp 214 ( 0.00%) 123025 ( 0.00%) 574.88
ftp 1661 ( 0.01%) 168390 ( 0.00%) 101.38
imap 223 ( 0.00%) 27439 ( 0.00%) 123.04
ssh 3217 ( 0.01%) 266758 ( 0.00%) 82.92
dns 116 ( 0.00%) 38709 ( 0.00%) 333.70
bgp 116 ( 0.00%) 15187 ( 0.00%) 130.92
other 3302 ( 0.01%) 361018 ( 0.00%) 109.33
udp6 23137 ( 0.09%) 4297271 ( 0.03%) 185.73
dns 22717 ( 0.09%) 4217668 ( 0.03%) 185.66
other 420 ( 0.00%) 79603 ( 0.00%) 189.53
icmp6 6160 ( 0.02%) 743000 ( 0.00%) 120.62
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 56 ( 0.00%) 52224 ( 0.00%) 932.57
tcpdump file: 201004130730.dump.gz (675.57 MB)