Traffic Trace Info
DumpFile: 201004130830.dump
FileSize: 1963.20MB
Id: 201004130830
StartTime: Tue Apr 13 08:30:00 2010
EndTime: Tue Apr 13 08:45:01 2010
TotalTime: 900.56 seconds
TotalCapSize: 1535.40MB CapLen: 96 bytes
# of packets: 28035583 (17333.21MB)
AvgRate: 161.46Mbps stddev:12.16M
IP flow (unique src/dst pair) Information
# of flows: 983886 (avg. 28.49 pkts/flow)
Top 10 big flow size (bytes/total in %):
2.8% 1.8% 1.2% 1.2% 1.1% 1.0% 0.9% 0.7% 0.6% 0.6%
IP address Information
# of IPv4 addresses: 606800
Top 10 bandwidth usage (bytes/total in %):
23.9% 11.7% 5.3% 4.3% 4.3% 4.2% 3.1% 2.9% 2.9% 1.8%
# of IPv6 addresses: 872
Top 10 bandwidth usage (bytes/total in %):
29.5% 9.5% 8.0% 7.7% 6.5% 4.5% 4.4% 4.3% 3.3% 3.1%
Packet Size Distribution (including MAC headers)
![[packet size distribution]](201004130830.pktlen.png)
detailed numbers
[ 32- 63]: 4063848
[ 64- 127]: 7674310
[ 128- 255]: 2841296
[ 256- 511]: 1658196
[ 512- 1023]: 818618
[ 1024- 2047]: 10979315
Protocol Breakdown
![[protocol breakdown chart]](201004130830.png)
protocol packets bytes bytes/pkt
------------------------------------------------------------------------
total 28035583 (100.00%) 18175185179 (100.00%) 648.29
ip 27989313 ( 99.83%) 18167761002 ( 99.96%) 649.10
tcp 15155273 ( 54.06%) 11085258971 ( 60.99%) 731.45
http(s) 6349493 ( 22.65%) 8718953987 ( 47.97%) 1373.17
http(c) 3716955 ( 13.26%) 472782938 ( 2.60%) 127.20
squid 212197 ( 0.76%) 63396871 ( 0.35%) 298.76
smtp 214315 ( 0.76%) 62515192 ( 0.34%) 291.70
nntp 4 ( 0.00%) 254 ( 0.00%) 63.50
ftp 11097 ( 0.04%) 1182351 ( 0.01%) 106.55
pop3 39260 ( 0.14%) 46875251 ( 0.26%) 1193.97
imap 1176 ( 0.00%) 330254 ( 0.00%) 280.83
telnet 525 ( 0.00%) 70997 ( 0.00%) 135.23
ssh 1528272 ( 5.45%) 203196589 ( 1.12%) 132.96
dns 59769 ( 0.21%) 6589666 ( 0.04%) 110.25
bgp 153 ( 0.00%) 46285 ( 0.00%) 302.52
napster 11 ( 0.00%) 682 ( 0.00%) 62.00
realaud 17 ( 0.00%) 1445 ( 0.00%) 85.00
rtsp 54 ( 0.00%) 4054 ( 0.00%) 75.07
icecast 5072 ( 0.02%) 3750040 ( 0.02%) 739.36
hotline 24 ( 0.00%) 2475 ( 0.00%) 103.12
other 3016877 ( 10.76%) 1505559520 ( 8.28%) 499.05
udp 8541366 ( 30.47%) 4832452237 ( 26.59%) 565.77
dns 569330 ( 2.03%) 101826161 ( 0.56%) 178.85
realaud 28 ( 0.00%) 3524 ( 0.00%) 125.86
halflif 152 ( 0.00%) 20904 ( 0.00%) 137.53
starcra 362 ( 0.00%) 46507 ( 0.00%) 128.47
everque 587 ( 0.00%) 108846 ( 0.00%) 185.43
unreal 72 ( 0.00%) 10913 ( 0.00%) 151.57
quake 27 ( 0.00%) 2665 ( 0.00%) 98.70
cuseeme 2 ( 0.00%) 463 ( 0.00%) 231.50
other 7970515 ( 28.43%) 4730282050 ( 26.03%) 593.47
icmp 473601 ( 1.69%) 87705249 ( 0.48%) 185.19
ipip 342 ( 0.00%) 41424 ( 0.00%) 121.12
ipsec 6903 ( 0.02%) 2215802 ( 0.01%) 320.99
ip6 3571179 ( 12.74%) 2134952603 ( 11.75%) 597.83
other 240649 ( 0.86%) 25134716 ( 0.14%) 104.45
frag 1773 ( 0.01%) 1795872 ( 0.01%) 1012.90
ip6 46270 ( 0.17%) 7424177 ( 0.04%) 160.45
tcp6 16434 ( 0.06%) 2243278 ( 0.01%) 136.50
http(s) 184 ( 0.00%) 173383 ( 0.00%) 942.30
http(c) 6743 ( 0.02%) 567083 ( 0.00%) 84.10
squid 2 ( 0.00%) 148 ( 0.00%) 74.00
smtp 221 ( 0.00%) 83636 ( 0.00%) 378.44
ftp 1499 ( 0.01%) 151838 ( 0.00%) 101.29
imap 267 ( 0.00%) 32375 ( 0.00%) 121.25
ssh 3225 ( 0.01%) 267386 ( 0.00%) 82.91
dns 71 ( 0.00%) 15043 ( 0.00%) 211.87
bgp 112 ( 0.00%) 14665 ( 0.00%) 130.94
icecast 1 ( 0.00%) 74 ( 0.00%) 74.00
other 4109 ( 0.01%) 937647 ( 0.01%) 228.19
udp6 23688 ( 0.08%) 4419683 ( 0.02%) 186.58
dns 23402 ( 0.08%) 4370828 ( 0.02%) 186.77
other 286 ( 0.00%) 48855 ( 0.00%) 170.82
icmp6 6077 ( 0.02%) 722807 ( 0.00%) 118.94
pim6 30 ( 0.00%) 4080 ( 0.00%) 136.00
other6 41 ( 0.00%) 34329 ( 0.00%) 837.29
tcpdump file: 201004130830.dump.gz (707.99 MB)