Traffic Trace Info
DumpFile: 201004130800.dump
FileSize: 1921.79MB
Id: 201004130800
StartTime: Tue Apr 13 08:00:01 2010
EndTime: Tue Apr 13 08:15:01 2010
TotalTime: 900.02 seconds
TotalCapSize: 1502.04MB CapLen: 96 bytes
# of packets: 27508155 (17067.83MB)
AvgRate: 159.07Mbps stddev:12.33M
IP flow (unique src/dst pair) Information
# of flows: 760283 (avg. 36.18 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.0% 1.9% 1.3% 1.2% 1.0% 1.0% 0.8% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 427170
Top 10 bandwidth usage (bytes/total in %):
24.8% 10.4% 5.4% 4.7% 4.5% 4.4% 3.1% 2.3% 2.1% 2.1%
# of IPv6 addresses: 914
Top 10 bandwidth usage (bytes/total in %):
32.9% 7.9% 7.1% 6.7% 5.8% 5.7% 4.4% 3.9% 3.8% 3.5%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130800.pktlen.png)
detailed numbers
[ 32- 63]: 3858627
[ 64- 127]: 7698573
[ 128- 255]: 2575714
[ 256- 511]: 1799547
[ 512- 1023]: 753455
[ 1024- 2047]: 10822239
Protocol Breakdown
![[protocol breakdown chart]](201004130800.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 27508155 (100.00%) 17896912274 (100.00%) 650.60
ip 27464970 ( 99.84%) 17890239034 ( 99.96%) 651.38
tcp 14630935 ( 53.19%) 10797692925 ( 60.33%) 738.00
http(s) 6167012 ( 22.42%) 8519205294 ( 47.60%) 1381.42
http(c) 3523342 ( 12.81%) 380568608 ( 2.13%) 108.01
squid 274435 ( 1.00%) 99482873 ( 0.56%) 362.50
smtp 270846 ( 0.98%) 66721174 ( 0.37%) 246.34
ftp 15594 ( 0.06%) 1426427 ( 0.01%) 91.47
pop3 11087 ( 0.04%) 7896379 ( 0.04%) 712.22
imap 1431 ( 0.01%) 745161 ( 0.00%) 520.73
telnet 433 ( 0.00%) 63168 ( 0.00%) 145.88
ssh 1467082 ( 5.33%) 209837366 ( 1.17%) 143.03
dns 56715 ( 0.21%) 3875991 ( 0.02%) 68.34
bgp 147 ( 0.00%) 44902 ( 0.00%) 305.46
napster 61 ( 0.00%) 7613 ( 0.00%) 124.80
realaud 17 ( 0.00%) 1608 ( 0.00%) 94.59
rtsp 60 ( 0.00%) 4426 ( 0.00%) 73.77
icecast 391 ( 0.00%) 25226 ( 0.00%) 64.52
hotline 3 ( 0.00%) 198 ( 0.00%) 66.00
other 2842278 ( 10.33%) 1507786451 ( 8.42%) 530.49
udp 8854769 ( 32.19%) 5107544947 ( 28.54%) 576.81
dns 580591 ( 2.11%) 102945304 ( 0.58%) 177.31
realaud 34 ( 0.00%) 4453 ( 0.00%) 130.97
halflif 113 ( 0.00%) 15524 ( 0.00%) 137.38
starcra 276 ( 0.00%) 35005 ( 0.00%) 126.83
everque 369 ( 0.00%) 75960 ( 0.00%) 205.85
unreal 85 ( 0.00%) 14139 ( 0.00%) 166.34
quake 30 ( 0.00%) 2649 ( 0.00%) 88.30
cuseeme 11 ( 0.00%) 1506 ( 0.00%) 136.91
other 8273021 ( 30.07%) 5004338905 ( 27.96%) 604.90
icmp 513351 ( 1.87%) 90488878 ( 0.51%) 176.27
ipip 346 ( 0.00%) 40184 ( 0.00%) 116.14
ipsec 4901 ( 0.02%) 1400370 ( 0.01%) 285.73
ip6 3272653 ( 11.90%) 1873293664 ( 10.47%) 572.41
other 188015 ( 0.68%) 19778066 ( 0.11%) 105.19
frag 1425 ( 0.01%) 1496178 ( 0.01%) 1049.95
ip6 43185 ( 0.16%) 6673240 ( 0.04%) 154.53
tcp6 12534 ( 0.05%) 1273838 ( 0.01%) 101.63
http(s) 50 ( 0.00%) 33742 ( 0.00%) 674.84
http(c) 3577 ( 0.01%) 319161 ( 0.00%) 89.23
squid 2 ( 0.00%) 148 ( 0.00%) 74.00
smtp 185 ( 0.00%) 75889 ( 0.00%) 410.21
ftp 1857 ( 0.01%) 188728 ( 0.00%) 101.63
imap 243 ( 0.00%) 29667 ( 0.00%) 122.09
ssh 2805 ( 0.01%) 232646 ( 0.00%) 82.94
dns 110 ( 0.00%) 24242 ( 0.00%) 220.38
bgp 128 ( 0.00%) 18612 ( 0.00%) 145.41
icecast 1 ( 0.00%) 74 ( 0.00%) 74.00
other 3576 ( 0.01%) 350929 ( 0.00%) 98.13
udp6 24529 ( 0.09%) 4620695 ( 0.03%) 188.38
dns 24105 ( 0.09%) 4549856 ( 0.03%) 188.75
realaud 1 ( 0.00%) 110 ( 0.00%) 110.00
other 423 ( 0.00%) 70729 ( 0.00%) 167.21
icmp6 6038 ( 0.02%) 727700 ( 0.00%) 120.52
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 54 ( 0.00%) 46927 ( 0.00%) 869.02
tcpdump file: 201004130800.dump.gz (703.09 MB)