Traffic Trace Info
DumpFile: 201004130745.dump
FileSize: 1826.43MB
Id: 201004130745
StartTime: Tue Apr 13 07:45:00 2010
EndTime: Tue Apr 13 08:00:01 2010
TotalTime: 900.43 seconds
TotalCapSize: 1429.01MB CapLen: 96 bytes
# of packets: 26044662 (15786.79MB)
AvgRate: 147.08Mbps stddev:11.96M
IP flow (unique src/dst pair) Information
# of flows: 759989 (avg. 34.27 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.5% 2.4% 1.4% 1.3% 1.2% 1.1% 1.1% 0.7% 0.7% 0.5%
IP address Information
# of IPv4 addresses: 429258
Top 10 bandwidth usage (bytes/total in %):
24.7% 11.7% 4.9% 4.4% 4.3% 4.0% 3.4% 2.5% 2.5% 2.5%
# of IPv6 addresses: 804
Top 10 bandwidth usage (bytes/total in %):
28.5% 13.6% 13.1% 7.7% 6.0% 5.5% 5.0% 4.6% 3.6% 3.0%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130745.pktlen.png)
detailed numbers
[ 32- 63]: 3534330
[ 64- 127]: 7551233
[ 128- 255]: 2574596
[ 256- 511]: 1712574
[ 512- 1023]: 737512
[ 1024- 2047]: 9934417
Protocol Breakdown
![[protocol breakdown chart]](201004130745.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 26044662 (100.00%) 16553645002 (100.00%) 635.59
ip 25987053 ( 99.78%) 16545938915 ( 99.95%) 636.70
tcp 13646698 ( 52.40%) 9939267090 ( 60.04%) 728.33
http(s) 5648602 ( 21.69%) 7808945242 ( 47.17%) 1382.46
http(c) 3292746 ( 12.64%) 399584868 ( 2.41%) 121.35
squid 282038 ( 1.08%) 113177755 ( 0.68%) 401.29
smtp 255410 ( 0.98%) 54386135 ( 0.33%) 212.94
ftp 9305 ( 0.04%) 877704 ( 0.01%) 94.33
pop3 9265 ( 0.04%) 7073929 ( 0.04%) 763.51
imap 2517 ( 0.01%) 960382 ( 0.01%) 381.56
telnet 480 ( 0.00%) 50192 ( 0.00%) 104.57
ssh 1421647 ( 5.46%) 181390681 ( 1.10%) 127.59
dns 58284 ( 0.22%) 3988391 ( 0.02%) 68.43
bgp 148 ( 0.00%) 45555 ( 0.00%) 307.80
napster 15 ( 0.00%) 1810 ( 0.00%) 120.67
realaud 10 ( 0.00%) 1024 ( 0.00%) 102.40
rtsp 57 ( 0.00%) 4110 ( 0.00%) 72.11
icecast 520 ( 0.00%) 214252 ( 0.00%) 412.02
other 2665654 ( 10.23%) 1368565060 ( 8.27%) 513.41
udp 8289498 ( 31.83%) 4547966691 ( 27.47%) 548.64
dns 561569 ( 2.16%) 101933987 ( 0.62%) 181.52
realaud 25 ( 0.00%) 2888 ( 0.00%) 115.52
halflif 114 ( 0.00%) 14514 ( 0.00%) 127.32
starcra 286 ( 0.00%) 34428 ( 0.00%) 120.38
everque 305 ( 0.00%) 62203 ( 0.00%) 203.94
unreal 69 ( 0.00%) 11543 ( 0.00%) 167.29
quake 35 ( 0.00%) 2891 ( 0.00%) 82.60
cuseeme 1 ( 0.00%) 97 ( 0.00%) 97.00
other 7726730 ( 29.67%) 4445723912 ( 26.86%) 575.37
icmp 531688 ( 2.04%) 96022551 ( 0.58%) 180.60
ipip 325 ( 0.00%) 42790 ( 0.00%) 131.66
ipsec 7088 ( 0.03%) 2669148 ( 0.02%) 376.57
ip6 3320427 ( 12.75%) 1939641571 ( 11.72%) 584.15
other 191329 ( 0.73%) 20329074 ( 0.12%) 106.25
frag 1994 ( 0.01%) 2068448 ( 0.01%) 1037.34
ip6 57609 ( 0.22%) 7706087 ( 0.05%) 133.77
tcp6 28014 ( 0.11%) 2601342 ( 0.02%) 92.86
http(s) 45 ( 0.00%) 25596 ( 0.00%) 568.80
http(c) 18721 ( 0.07%) 1610451 ( 0.01%) 86.02
smtp 157 ( 0.00%) 95130 ( 0.00%) 605.92
ftp 1773 ( 0.01%) 177639 ( 0.00%) 100.19
imap 158 ( 0.00%) 18735 ( 0.00%) 118.58
ssh 3249 ( 0.01%) 269754 ( 0.00%) 83.03
dns 72 ( 0.00%) 23673 ( 0.00%) 328.79
bgp 110 ( 0.00%) 13768 ( 0.00%) 125.16
other 3729 ( 0.01%) 366596 ( 0.00%) 98.31
udp6 23510 ( 0.09%) 4331970 ( 0.03%) 184.26
dns 23112 ( 0.09%) 4260742 ( 0.03%) 184.35
other 398 ( 0.00%) 71228 ( 0.00%) 178.96
icmp6 6005 ( 0.02%) 726334 ( 0.00%) 120.95
pim6 31 ( 0.00%) 4216 ( 0.00%) 136.00
other6 49 ( 0.00%) 42225 ( 0.00%) 861.73
tcpdump file: 201004130745.dump.gz (669.75 MB)